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Summary 


This report documents the results of an analysis of microgravity space 
experiments space shuttle programmatic safety requirements and recommends the 
creation of a Safety Compliance Data Package (SCDP) Template for both flight and 
ground processes. These templates detail the programmatic requirements necessary to 
produce a complete SCDP. The templates were developed from various NASA centers’ 
requirement documents, previously written guidelines on safety data packages, and from 
personal experiences. The templates are included in the back as part of this report. 

Background 

A Payload Safety Compliance Data Package (SCDP) is the culmination of a two- 
fold process: the completion of an experiment hazard analysis in combination with an 
assessment of the experiment’s conformance to the technical safety requirements. This 
document presents the programmatic side of developing a SCDP with requirements 
levied by Johnson Space Center (JSC), Marshall Space Flight Center (MSFC), Goddard 
Space Flight Center (GSFC), and Kennedy Space Center (KSC). The discussion of 
hazard analysis techniques and technical safety requirements are beyond the scope of this 
document. 

The National Space Transportation System (NSTS) Program requires a Flight and 
Ground SCDP for all payloads, including most microgravity space experiments, flying on 
the Space Shuttle. Typically, three or four iterations of the SCDP are required during the 
safety review process for an experiment The SCDP’s are designated by Phases 0, 1, II, 
and III, each having specific levels of detail and experiment maturity required. These 
specifics are delineated in NSTS 13830B. Once the initial package has been developed, 
reviewed, and approved, it serves as a foundation for the subsequent packages. It should 
be noted that phases may be combined, e.g Phase 0/1, and that additional instructions are 
provided for series or reflight payloads. 

The SCDP provides information which identifies, evaluates, and details controls 
for all hazards associated with the experiment The flight SCDP is utilized by the 
Payload Safety Review Panel (PSRP) at JSC to assure safety requirement compliance of 
the experiment. The flight SCDP must be approved by the PSRP before the experiment 
may be flown. The ground SCDP is utilized by the Ground Safety Review Panel (GSRP) 
at KSC to assure safety requirement compliance of the experiment. The ground SCDP 
must be approved by the Safety Panel before the experiment GSE arrives on site. 

If the experiment is to be integrated into a specific carrier (such as Spacelab, 
Orbiter Middeck, or a Hitchhiker), it may be necessary to submit the SCDP to the center 
responsible for integration of that payload carrier. Specifically these are: 
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• Spacelab - MSFC 

• GAS/Hitchhiker - GSFC 

• Middeck - JSC 

• Spacehab - Commercial 

These centers may, at their discretion, use the experiment SCDP as is, or it may be used 
as input for a mission integrated SCDP (typical of Spacelab or Middeck payloads). Each 
center has its own SCDP requirements that go above and beyond those identified in 
NSTS 13830, and these are not always compatible or all-inclusive of the other center 
requirements. This SCDP template was created with the intention of integrating all 
centers’ programmatic safety requirements into one document which would encompass 
all the needs of the Integration Centers, the PSRP, and/or the GSRP. 

There are some discrepancies between the documents on whether the safety 
information should be presented in a combined flight and ground package, or separate 
packages. There will be no combination of the two packages using this format. 

Process 

The following documents were used as references in the analysis. The bolded 
document numbers and shortened titles are used as convenient references in the SCDP 
templates. 

NSTS 13830B - “NSTS 13830B: Implementation Procedure for NSTS Payloads System 
Safety Requirements”, Nov. 1989 

NSTS 1700.7B - “NSTS 1700.7B: Safety Policy and Requirements for Payloads Using 
the Space Transportation System”, Jan. 1989 

KHB 1700.7B - “KHB 1700.7B. Space Shuttle Payload Ground Safety Handbook”, 

Jan. 1989 

JA-012D - “JA-012D: Payload Projects Office Payload Safety Implementation 
Approach”, June 1988 

GSFC Safety Handbook - “GAS Experimenter’s Guide to the STS Safety Review 
Process and Data Package Preparation”, Sept. 1993 

JSC Payload Safety Class - “Payload Safety Review and Analysis Course, Section V : 
The Safety Data Package”, Nov. 1993 

JSC 26943 - “Guidelines for the Preparation of Payload Flight Safety Data Packages 
and Hazard Reports for Payloads using the Space Shuttle”, Feb. 1995 
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From these documents a series of matrices were developed in order to compare the 
requirements of each document. A final set of matrices were created which displayed the 
SCDP section in relation to the reference documents listed above. This final set is 
attached as part of this report. From these matrices and the information found in the 
reference documents, the SCDP templates were developed. Additional experience based 
knowledge was added where appropriate. 

Findings and Recommendations 

A. Each NASA center has their own requirements for a SCDP. These are not always 
compatible or all-inclusive of the other centers requirements. Therefore, an integrated 
requirements package would be useful and more efficient for all of the centers. The 
differences between the center’s packages were identified in the NOTES section of the 
SCDP. 

B. These packages have been developed as templates for creating SCDPs. They are not 
and cannot be used in lien of a hazard analysis (e.g. Preliminary Hazard Analysis (PHA), 
Fault Tree Analysis, Sneak Circuit Analysis, etc.). The hazard analysis is the basis from 
which the SCDP and in particular the hazard reports are drawn. 

C. These SCDPs will be used at LeRC. It is recommended that they are distributed and 
used throughout all NASA centers. It is anticipated that the distribution will be through 
the NASA LeRC SAO homepage (http://ned_lerc.lerc.nasa.gov/osma_sao.html) on the 
World Wide Web. This would ensure consistency in the package format, as well as 
provide current information on the SCDP. 

D. It is recommended that this effort is coordinated through the NASA SR&QA director 
meeting. This would ensure support by all NASA centers 

Conclusion: 

The following packages were derived from the process mentioned above. Using 
these templates, the SCDP development process can be made easier and more efficient. 
They will also decrease the panel review time due to the consistency of all of the 
packages. 

Future plans include adding generic hazard report templates for each subsystem. 
These templates will add to the efficiency of the SCDP development. They are currently 
being produced by the LeRC SAO. 
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Flight Traceability Matrix 


This matrix traces each section of the SCDP template to the six reference documents/guidelines which are listed by their official names on the previous page. 

The bolded titles in the left hand column represent the sections of the SCDP template The numbers listed relate which sections (if any) of the she 
documents/guidelines (listed at the top of the matrix) discuss the same topic as a particular SCDP section Therefore, this matrix can be used to further reference 
a specific section of the SCDP template 


SCDP Section 

NSTS 13830B 

NSTS 1700.7B 

JA-012D 

GSFC Safety 
Handbook 

JSC Payload 
Safety Class 

JSC 26943 



Mission 

Description 


52 1a 

53 1a 
532 

54 1 a(l) 

55 1 a (1) 







































SCDP Section 
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NSTS 1700.7B 






Experiment 

Overview 

52 1 

52 1 a (1) 
522b 
5 3 1 a (1 ) 
5 3.1 a.(5) 
5 3 2c 
5 4 1 a (1) 
54 1 a (5) 
542b 
5 5 1 a (1) 
5 5 1 a (5) 
8.0 

200 4b 


Ground Safety 
Overview 2 




Safety Assessment 








Detailed 

Subsystem 

Description 

m 



Subsystem Safety 
Assessment and 
Safety Features 

5 3 2 e 
542c 
5 52c 

301 
305 2 


Verification 

Summary 





GSFC Safety JSC Payload JSC 26943 
Handbook Safety Class 

App D, 1 0 C 2 5T2 

C 7 57 

C 8 59 

5 13 



60 

App D, 2 0 

C 8 

5 10 

App D, 3 1 
App D, 3 1 1 
App D, 3 2 
App D, 3 3 

C 8 

5 11 
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SCDP Section 


Batteries 


Electrical Systems 


Ionizing Radiation 
Subsystems 


Materials 

Subsystem 


Mechanical 

Systems 


Non-ionizing 

Radiation 

Subsystem 


Optical and Laser 

Subsystems 

Pressurized 

Subsystems 


Structures 

Subsystem 


JA-012D 


JSC 26943 


6 12.1 
6 13.1 
App A, 
pgs A1 l-(l-3) 


App. B, 

pgs.Bl/1-0-2), 
B 1/2-0 -2) 


GSFC Safety 
Handbook 

7.0 
7 1 

App B, 
pgs B2-O-10) 
App. D, 

Pg D-l 


JSC Payload 
Safety Class 

I (Part II, 
pgs 28-31) 
part of elec 


Part II, 
pgs. 22-23, 
24-31,36-39, 60-61 


6.12 1 
6 13 1 
App A, 
pgs A 1-(1 -4) 


App C, 

pgs C-(4-6), C-(9- 

10 ) 


App B, 
pgs. Bl/5-1, 
Bl/6-1 


60 

App D, 
pg D-l 


6 1.3 1 
App. B, 
pg B 1/3-1 


App C, 
pg C-8 


6 13 1 


6 13 1 
6.1.4 1 


App C, 
pg C-7 


Part II, 
pgs 15-16 


Part II, 
pgs 11-12, 
13-14, 32-35 


Part II, 
pgs. 17-19, 
21,53-59 


Part II, 
pgs. 40-42 


Part II, 
pgs 24-25 
Part II, 
pgs 43-46 


App C, 
C3/2-Q-7) 


App B, 
pg Bl/7-0-2) 


60 

App B, 
pgs Bl-(1-12) 
App D, 


Part II, 
pgs 13-14, 
17-19,21, 
47-52, 58-59 
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SCDP Section 


NSTS 13830B 


Applicability 

Matrix 


Hazard Report 
List/Status 


Hazard Reports 


NCR, Waivers, 
Deviations 


Failures/Accidents 
Report 


App A 
5 2 1 a (3) 

53 la(3) 

5 4.1 a (3) 

5 5. 1 a (3) 

App. B, pgs. B-(l-5) 
5 1.4 

53 11 

54 11 
5511 

App B, pg. B-4 

Til 

5 2 1 a (4) 

5 2.1 1 

5.2 2 e 

53 1 a (4) 

53 11 

5.3 2.f 
54 

5 4.1 a (4) 

54 11 
5 4.2 d 

55 1 a (4) 

55 11 
5 5 2 d 

56 

App A 
5 4.2 c 
55 la(6) 

5 5.2 c 
60 
6 1 
62 

54 1 a (7) 

55 1 a (8) 


JA-012D 


GSFC Safety 
Handbook 


JSC Payload 
Safety Class 


JSC 26943 






6.1 1 1 

App C, pg C-l 

C 9 


6121 
6 1 3.1 
App A, 

App D, 3 1 



pgs. A4-(l-5) 




6 111 

App. C, pg C-2 


Part II, 2 2 

6 12 1 
61 3.1 
6 1 4.1 

App D, 3 1 



pgs A3-(l-3) 




50 

60 

C 8 

45 

60 

App B, 

C 10 

Part II 

6111 

pgs Bl-(lO-ll) 

C 14 


6 1.2 1 

pgs B2-(9-10) 

C 15 a 


613 1 

App C, pg C-3 



6 132 
6 14 1 

App D, 3 1 



90 




App A, 
pgs A2-(l-6) 






C 6 

5 542 

— 


6 1 3 
6 1 4. 


C 12 
C.15 c 


































SCDP Section 

NSTS 13830B 

NSTS 1700.7B 

JA-012D 

GSFC Safety 
Handbook 

JSC Payload 
Safety Class 

JSC 26943 

Verification 
Tracking Log 

5.5 1 a (11) 

5 5.1 1 
5 5 2 d 
5 5 2 e 
5.5 2 f 

App A, pg A-8 
App C 

214 2 
305.2b 
305 3 

5.0 

6 1.4.1 
6 14.2 
6 152 


C.ll 

Part II, 2.3.9 

Certificate of 
NSTS Payload 

5.5.1 a (12) 
fig 5-2 

304 
App A 
App C, fig 3 

6 1 4.1 
6 142 
90 

fig 6-2 


C 4 


Appendix A: 

Applicable 

Documents 





C 2 

56 

Appendix B: 
Project Schedule 

522a 
5 3 2.b 




Cl 


Appendix C: 
Safety Analysis 

5 1.6 
5.3 
54 

301 

App A 


30 

C 8 

553 

Definitions' 1 





C 15b 


TOPs 1 





C 15 d 

5.5 4 3 

FMEA° 

1 

5 1 6 


50 

6 1.2 1 
6 13 1 
9.0 





Notes: 

1 - The Cover Page is a customary addition to the SCDP There are no requirements for this page 

2 - The Ground Safety Overview has been omitted from the SCDP template There are no actual requirements for this section This information will be 

covered m the Ground SCDP 

3 - This section was added to provide the reader with instructions on how to divide the package mto subsystems 

4 - The definition section has been omitted from the SCDP template There is only one reference and no actual requirements for this section 

5 - The Technical Operating Procedures (TOPs) have been omitted from the Flight SCDP, however, they will be addressed in the Ground SCDP template 

6 - The Failure Modes and Effects Analysis (FMEA) will not be mcluded m the SCDP template This is considered a stand alone document 




Ground Traceability Matrix 

This matrix traces each section of the SCDP template to the five reference documents/guidelines which are listed by their official names on the previous page 
The bolded titles in the left hand column represent the sections of the SCDP template The numbers listed relate which sections (if any) of the five 
documents/guidelines (listed at the top of the matrix) discuss the same topic as a particular SCDP section. Therefore, this matrix can be used to further reference 
a specific section of the SCDP template 
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Cover Page 1 






Title Page 





C.l 
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C 2 

Action Items 

532 

5 4 1 b (8) 
542 
542a 
5 5 1 b (9) 
5.5 2 
5 52a 
5 5 2 f 


50 

624 1 
90 


C 13 

Revision Page 

5 1 5 
5.3 2 a 
542b 
5 5.2.b 
56 

34 

50 

624 1 


C 2 

Table of Contents 





C 3 

List of Figures and 
List of Tables 




App D, pg D-l 

C 16 
C 17 

Acronyms and 
Abbreviations 




App D, pg D-l 

C.15 c 

Introduction 
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Mission 

Description 

5 2.1.b (1) 
5.3 l.b(l) 
5 3.2 c 
5 4 1 b (1) 
5 5 l.b(l) 


622 1 
623 1 


C 2 
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NSTS 13830B 

KHB 1700.7B 

Experiment 

Overview 

1 

1 


Ground 

Operations 

' . 1 


Safety Assessment 



■ HP 



Subsystem 

Description 


32 A 

Subsystem Safety 
Assessment and 
Safety Features 

5 3 2 e 
542c 
552c 

40 


Verification 

Summary 1 


GSFC Safety 
Handbook 

App D, 1.0 


JSC Payload 
Safety Class 

C 2 

Cl 

C 8 


App. D, 4 0 

C 7 

App D, 3 1 

C 5 



App D, 4 0 

C 8 

App D, 3 1 
App D, 3 1 1 
App D, 3 2 
App D, 3 3 

C 8 

































SCDP Section 


NSTS 13830B 


KHB 1700.7B 


Electrical Systems 5 3 1.1 4 1 3.B.9 


5411 43 

55 11 

App A 


Lifting/Handling 5 3 11 4 1 3 B 5 

54 1 1 45 1 l.B 

5 4 1 b (6) 

55 11 

5 5.1b (7) 

App A 


Materials 5 3 1 1 3 21 

54 1 1 3 2 J 

55 11 4 1 3 B 7 

App. A 4 3 10 B 2 


Pressure Systems 5.3 1 1 4 1 3 B 8 

54 11 

55 11 


55 lb(ll) 


App. A 


Radiation 5 3 1 1 3 2 D 

5 4.11 4 1 3 B 6 

5 5 1 1 434 1 E 

App A 4 3 4 1 F 1 


JA-012D GSFC Safety 
Handbook 

App. B, 

pgs B2/l-(l-2) 


6 2 4.1 
App B, 

pgs B2/2-(l-3) 


App D, 
pg D-3 


6 2 4 1 App D, 

App B, pg D-3 

pgs B2/3-(l-3) 


6 2 2 1 App C, 

6 2 3 1 pgs C-7, 

App A, C-9,C-10 

pgs. A5-(l-3), 

A6-(l-3), 

A7-(l-3), 

A8-(l-3) 

A9-(l-3), 

AlO-Q-3) 



























SCDP Section 

NSTS 13830B 

KHB 1700.7B 

Hazard Report 
List/Status 

5 1.4 
5.3 1.1 

54 1 1 

55 11 

App. B, pg B-4 


Hazard Reports 


3 2 E 

and Supporting 


332 

Data 


3 3 3 1 E 


5 5 2 d 
56 

App. A 


NCR, Waivers, 
Deviations 


542c 
5 5 l.b(6) 
5 52c 
60 
6 1 
62 


3 2 G 
333 
3 3 3 1 
3 3.3 2 

App C, 6 a-6 g 


Failures/Accidents 
Report 


5 4.1b (7) 
5 5 1 b (8) 


3 2 F 


Safety Verification 
Tracking Log 


5 5 1b (12) 
5.5.1 1 
5 5 2.d 
5 5 2 e 
5 5 2 f 

App A, pg A-8 
App C 


JA-012D 


623 1 

pgs A3-(l-3) 


GSFC Safety JSC Payload 

Handbook Safety Class 

App C, pg C-2 
App D, 3 1 


50 

60 

60 

App C, pg C-3 

6.2. 1.1 

App D, 3 1 

622 1 


623.1 


6.2 4.1 


90 



C 8 
C 10 
C 14 
C 15a 


App. A, 
pgs. A2-(l-6) 


C 6 


623 1 
6.2 4 1 
50 

6.2 4 1 


C 12 
C 15c 
C 11 





























SCDP Section 

NSTS 13830B 

KHB 1700.7B 

JA-012D 

GSFC Safety 
Handbook 

JSC Payload 
Safety Class 

Certificate of 
NSTS Payload 

5 5 l b (13) 
fig 5-2 


624 1 
6242 
9.0 

fig 6-2 


C 4 

List of Deliverable 
Items 



622 1 
623 1 
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Documents 





C 2 

Appendix B: 
Project Schedules 

522a 
5 3.2 b 

3 2 B 



Cl 

Appendix C: 
Technical 
Operating 
Procedures (TOPs) 

5 4 1 b(9) 
5 5.1b (10) 

3 2 C 
332 
4.1 3 B 
4 1 3C 
4 3 3 2 2 D 
4422 
App C 

6.2 3 1 
6 2.4 1 
6242 

App D, 4 0 

C 15 d 

Definitions’ 





j C 15b 

FMEA 5 

5 1 6 


50 

90 




Notes: 

1 - The Cover Page is a customary addition to the SCDP There are no requirements for this page 

2 - This section was added to provide the reader with instructions on how to divide the package into subsystems 

3 - This section was added because of requests from safety reviews There are no requirements for this page 

4 - The definition section has been omitted from the SCDP template There is only one reference and no actual requirements for this section 

5 - The Failure Modes and Effects Analysis (FMEA) will not be included m the SCDP template This is considered a stand alone document. 

















Flight Safety Compliance Data Package Template 
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Cover Page 

Every SCDP begins with a cover page This page provides the title of the experiment, the phase of the data 
package, and the preparation date Often, this page is placed on a company letter head in order to identify the 
company or NASA center where the package was prepared This page can be arranged in any fashion The 
following page is an example of a typical cover page. 


NOTE- 

There are no requirements for this page 
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TITLE OF EXPERIMENT 


PHASE _ FLIGHT SAFETY COMPLIANCE DATA 

PACKAGE 


DATE 


(Sample Cover Page) 
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Title Page 

The title page provides necessary information about the package as well as the mvolved personnel. Similar 
to the cover page, the title page includes the experiment name, the phase of the data package, and the preparation 
date In addition, it provides the contract number and the signatures of the responsible personnel, which mclude the 
authors), program manager, chief engineer, and the organization safety representative Included under the 
personnel signatures are their printed name, title, and affiliated company or NASA center A sample title page is 
provided for reference NOTE Additional lines should be added for more than one preparer The signatures are 
interpreted as a concurrence of the SCDP 


NOTES 

To avoid confusion, revision numbers have been excluded 

JA-012D’s cover page is the hazard list page and will be included m the hazard list section, NOT the title page 

JSC 26943 refers to this page as the signature page 

Information under the signature line and the phase number has been added 
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EXPERIMENT NAME 


Phase Flight Safety Compliance Data Package 

Date 

Contract #: 


Prepared By 


Name 

Title 

NASA Center or Company 


Approved By 


Name 

Program Manager 
NASA Center 


Name 

Chief Engineer 
NASA Center 


Concurred By 


Name 

Title (Organization Safety Representative) 
NASA Center 


(Sample Title Page) 
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Preface 


The preface is a bnef paragraph which explains the requirements of the SCDP contract This mcludes a 
statement of compliance with requirements specified m NSTS 1700.7B and a reference to the applicable documents 
appendix for supplementary compliance documents The preface also provides additional information about the 
responsible personnel including phone numbers and mailing addresses Furnishing the Payload Safety Review 
Panel (PSRP) with this information allows them to contact the responsible personnel m order to resolve technical 
issues and questions. 

NOTES 

JSC Payload Safety Class mcludes the statement of compliance with the requirements in the introduction and a list 
of all applicable documents This is covered in the preface which mcludes a reference to the applicable documents 
appendix. It also mcludes the reason why a SCDP needs to be submitted which is included m the preface as the 
requirements of die SCDP contract 

The Forward and Purpose from JSC 26943 have been mcluded m this paragraph The purpose of the hazard 
analysis and the desired result is included m the requirement of the SCDP contract 
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Action Items 


The action items (AI), which evolve from safety panel reviews, are accounted for through an AI table An 
AI table is provided on the following page for reference This table numbers, lists, and provides information about 
a particular AI which includes its current status and closure rationale The AI number is assigned at safety reviews 
and can be obtained through the minutes of the meeting The current status is listed as either open or closed with a 
closure date The closure rationale explains the reasons for which the AI was accepted as being closed It is the 
responsibility of die SCDP developer to track all AIs to closure. All AIs must be closed by the PSRP pnor to the 
Phase m Flight Safety Review to be considered complete A Phase 0 SCDP should have a blank AI table as a 
placeholder for future SCDP iterations, there will be no AIs since the Phase 0 SCDP is the first official version of 
the SCDP 


NOTES: 

The AI Number has been added in order to easily identify each AI The closure date has also been added as further 
information for the AI The explanations of each table header was added for clarification The AI section has been 
moved to the front of the package due to its importance 
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Action Items 
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Revision Page 

The revision page describes the significant alterations made to the SCDP after Phase II that occur due to 
action items, major engineering design changes, and/or control measure changes. Some of these changes are 
suggested by the engineers and designers and may be presented in ECRs (engineering change requests) All 
changes are assessed for safety, documented m the SCDP, and recorded in this table. It is not necessary to 
document insignificant editorial revisions As shown on the succeeding page, the revision page will mclude the 
following information the revision number, revision description, the location of the response data, and the revision 
date. The location of the response data is a listing of the page and paragraph number or hazard report number of the 
adjustment in the SCDP which resulted from the revision Hazard report alterations are to be referenced to the 
hazard report list/status page in order to avoid duplication of status A Phase 0 package will not contain a revision 
page smce it is the first official copy of the SCDP NOTE All significant revisions made to the SCDP will be 
identified by placing a bar in the right hand margin next to the altered paragraph or statement in the SCDP 

NOTES 

NSTS 13830B details the safety assessment on changes to mclude effects on interfaces This is understood when 
saying that die changes should be assessed for their impact on the system’s safety 

The ECRs are only mentioned m JA-012D 

There is no direct requirement for a revision page There are only references to changes and recording these 
changes. This table was created in order to help the safety engineer keep track of all of the changes 
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Table of Contents 


The table of contents presents all of the section and subsection numbers, titles, and page numbers The 
pages between and including the preface and acronyms and abbreviations should be numbered with Roman 
numerals This excludes die cover and tide pages, which are typically not numbered After the acronyms and 
abbreviations page, the pages should be numbered sequentially within each section This mvolves using a 
compound numbering system in which die first number represents the section number and the second number 
represents the page number in that particular section (i.e. pg. 1-5 is section 1, page 5) Usmg this technique, each 
section will begin on a new page This method easily allows for additional pages to be added per section without 
disrupting the complete numbering system All sections with Roman or Arabic numerals should appear m the table 
of contents. The total number of pages of the complete package should also be included to ensure the reader that 
he/she has received die complete package NOTE The individual hazard reports will be separately listed elsewhere 
in the package and do not need to be listed by name here 

NOTES 

The JSC Payload Safety Class suggested addmg a letter to designate added pages. This is unnecessary if the 
compound numbering system is used The JSC Payload Safety Class also gives a choice of listing the hazard reports 
m die table of contents or at the beginning of the hazard report section The note above explains the use of die 
hazard report list found later in the package. 

Further instructions on how to number the SCDP have been provided here for guidance 
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List of Figures and List of Tables 

Following the table of contents is the list of figures and the list of tables These two separate lists follow 
the format of the table of contents and in effect look as though they are a part of it The figures and tables will have 
a separate compound numbering schemes similar to the page numbering system. The first number represents the 
section number and the second number represents the figure or table number in that particular section (1 e figure 1-6 
is section 1, figure 6) 

NOTES: 

Some of the documents discuss these together and some do not The information stated here was gathered from 
referencing previously written SCDPs 
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Acronyms and Abbreviations 

Hus section is a list of all of the acronyms and abbreviations and their complete names used throughout the 
SCDP The list will stand as a reference for those not familiar with die terminology The following is a listing of 
common acronyms and abbreviations which are typically used m a SCDP This list is provided only as a reference 
for the preparer. This list should be altered and amended to reflect the appropriate acronyms and abbreviations for a 
particular project. 


AC 

Alternating Current 

AI 

Action Items 

ASE 

Airborne Support Equipment 

CDMS 

Command and Data Management System 

DC 

Direct Current 

ECR 

Engineering Change Request 

EMI 

Electrical Magnetic Interference 

EVA 

Extravehicular Activity 

FMEA 

Failure Modes and Effects Analysis 

GAS 

Get-Away-Special 

GSFC 

Goddard Space Flight Center 

GFE 

Government Furnished Equipment 

GSE 

Ground Support Equipment 

ICD 

Interface Control Document 

JSC 

Johnson Space Center 

KSC 

Kennedy Space Center 

KHB 

Kennedy Handbook 

LeRC 

Lewis Research Center 

MDP 

Maximum Design Pressure 

MIP 

Mandatory Inspection Point 

MIUL 

Material Identification Usage List 

MLI 

Multi-Layer Insulation 

MPE 

Mission Peculiar Equipment 

MSFC 

Marshall Space Flight Center 

MUA 

Material Usage Agreement 

NASA 

National Aeronautics and Space Administration 

NCR 

Noncompliance Report 

NHB 

National Handbook 

NSTS 

National Space Transportation System 

PGSC 

Payload General Support Computer 

PHA 

Preliminary Hazard Analysis 

PHR 

Payload Hazard Report 

POCC 

Payload Operations Control Center 

PSRP 

Payload Safety Review Panel 

SCDP 

Safety Compliance Data Package 

SH 

Spacehab 

SL 

Spacelab 

SRM&QA 

Safety, Reliability, Maintainability, & Quality Assurance 

SSP 

Space Shuttle Program 

STS 

Space Transportation System 

SVTL 

Safety Verification Tracking Log 
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TBD To Be Determmed 

TOP Technical Operating Procedure 


NOTES: ( FOR ACRONYMS AND ABBREVIATIONS) 

JSC 26943 calls die acronyms and abbreviations’ complete name a definition. The word “definition” was excluded 
to avoid confusion 

This list provided is not suggested m any document 
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Introduction 


The introduction describes the format of the SCDP. A correlation is made between the progress of the 
experiment and die phase of the SCDP This informs the reader of the maturity of the experiment and SCDP The 
actual content of the SCDP depends on the phase Early phase packages contain considerably less information but 
exist as a base in which information can be added for a complete Phase III package This paragraph includes the 
approach taken to provide the information necessary for a package of the appropriate phase It should mention that 
the SCDP is broken mto sections where each section represents a subsystem In each one of the sections is the 
subsystem description, subsystem safety features, subsystem’s hazard reports), and additional supporting data. The 
introduction should also mclude any other general information pertaining to the SCDP 

NOTES 

This introduction does not fit with the definition of introduction given m JSC Payload Safety Class The JSC 
document introduction is the payload and mission overview which will be covered in the experiment overview and 
the mission description, respectively The requirements which are satisfied by the SCDP are already covered m the 
preface (NSTS 1700 7B) and are also listed m the applicable documents section m the appendix The purpose of the 
hazard analysis and die desired results are also covered m the preface The JSC Payload Safety Class also addresses 
the description of the subsystems which is covered m the Subsystem Description of this package 

JSC 26943 provides a generic statement which is covered in this paragraph 

No other documents suggest this type of an introduction It is necessary m order to prepare the reader for the 
content of the SCDP Often, the overall payload and mission description is mcluded under the introduction There 
are separate sections for both of these topics m this package 
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Mission Description 

This section provides a description of die mission on which the experiment is to be flown. Included in the 
description is be die name of die mission, mission objectives, and mission characteristics. The mission objectives 
explain the purpose and goals of the mission. 

The mission characteristics entail die launch location, launch date, launch window, attitude, mission duration, 
primary landing site, and payload configuration 

NOTES 

JSC Payload Safety Class included the mission objectives m the introduction The JSC document also included the 
payload objective and project schedules The payload objective will be mcluded m the experiment overview and the 
project schedules have been placed m an appendix There is information in this section which may be on a mission 
schedule, such as die mission’s launch date and launch wmdow The JSC Payload Safety Class also mcludes 
ground operations which are not in this mission description The ground operations will be detailed m the Ground 
SCDP The flight operations are also discussed m the JSC Payload Safety Class’s mission description This is 
covered m this package in the experiment overview 

JA-012D mcludes die mission description with the payload description 

NSTS 13830B has also mcluded the mission description with the payload description 
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Experiment Overview 

The experiment overview should be divided into several subsections which describe the payload, the 
experiment, the operational scenario, and Orbiter provided critical services and interfaces If an experiment is large 
m size and fairly complex it is common to consider it as a payload In this case, there will not be a separate 
description for die payload and the experiment smce they are one and the same This section will change with the 
alteration of the design It is important to keep this information updated throughout the various phases of the SCDP 
NOTE If the payload/experiment is to be reflovm or is part of a series flight then refer to NSTS 13830B section 8 0 
or JA-Q12D section 7 0 for complete instructions and also note this fact in this section 

The payload description includes the payload name, its location on the STS, and the overall objectives of 
the payload A diagram of die location of the payload may be used to help explain the payload’s location and its 
orientation on the STS 

The experiment description addresses the objectives of the experiment and the experiment’s overall design 
If die experiment is a GAS experiment then it is also necessary to identify the classification as either “B” or “C”. 
NOTE Reference the GSFC Safety Handbook, section 4 1 , pg 9, for an explanation of the classification system 
The overall design should mention all of the safety critical subsystems mvolved and reference the sections m the 
SCDP which describe each subsystem in detail The government furnished equipment (GFE) should be described 
along with an explanation of its use in relation to the experiment Illustrations and figures should be mcluded to aid 
in die description of the system 

The operational scenario provides a chronological explanation of the operation sequence This scenario 
should describe the experiment’s operating procedures during all phases of flight from prelaunch to landing 
including abort and rapid-safing contingencies Any known crew procedures should also be mcluded along with an 
explanation of necessary certifications for hazardous procedures. An operations timeline can be mcluded to aid m 
the description of the operational scenario An example of an operations timeline is provided on the following page 

The Orbiter provided critical services and the experiment-Orbiter interfaces should be identified and 
explained The Orbiter provided critical services include any monitoring or controlling of a potential hazard 
associated with the experiment These services must be identified as safety critical services Some common Orbiter 
provided critical services are structural/mechanical interfaces, environmental control, electrical power, and 
command and data management systems 


NOTES (for Experiment Overview) 

JSC Payload Safety Class covers the scope and purpose of the payload under the Introduction The scope and 
purpose of the payload will be addressed m the payload objectives and the experiment objectives The introduction 
also requires identification of the primary system, support systems, operational interfaces, and facilities These have 
all been moved to the experiment overview This document also includes the payload objective and flight 
operations under the mission description The detailed subsystem descriptions are also included m the 
payload/system description m the JSC document All detailed descriptions have been moved to the subsystem 
descriptions. 

JSC 26943 has a separate scope section which has been mcluded here It includes a list of all hardware items This 
will be covered m the description of the subsystems. This document also includes a section called ground 
operations. These will not be addressed m the flight SCDP They will be addressed m the ground SCDP The 
flight operations and the Orbiter provided critical services have been mcluded under the experiment overview 
instead of under separate topics The Orbiter provided critical services section provides subsystems to mclude The 
JSC document describes each subsystem and repetitively tells the reader to describe each subsystem A simple list 
was added to this package m order to get the reader on the right track JSC 26943 also separates the payload 
description and the flight operations These have been combmed m the experiment overview section 
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GSFC Safety Handbook includes the objectives of the experiment, the classification, conceptual descriptions, and 
operational scenarios These have been combined and mcluded m this section 

JA -01 2D suggests including block diagrams and line illustrations These are mcluded m the illustrations and 
figures As the phases progress, this document stresses a fully developed description This will be covered m the 
subsystem description 

NSTS 13830B asks for program milestone schedules This will be mcluded in the appendix The Orbiter provided 
critical services have been mcluded under the experiment overview instead of under a separate topic 

NSTS 1700 7B also mcludes the Orbiter provided critical services in the hazard report 

The payload description, experiment description, the operational scenario, and the Orbiter provided critical services 
and interfaces are all m one section. Noted above are the documents which separated some of these sections The 
payload location is included in the payload description No document actually calls out for the payload location 
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EXAMPLE 
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FI 
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F2 
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MAINTAIN LOW G 


Note Timeline is not to scale 

Relay B can be activated before the completion of STAGE 1 Relay B will then 
be deactivated 3 HR after Relay B is activated 


12 HR 
196s 


Approximately 
15 HR 




Safety Assessment 

The safety assessment gives a narrative summary of the safety analysis of the experiment and its interfaces 
The summary explains the approach and techniques used to analyze the experiment for hazards. Any assumptions 
made in order to analyze for hazards should be stated and explained. The maturity of the safety assessment depends 
on the maturity of the experiment; therefore, this section will be general for a Phase 0 package and will develop in 
detail for a Phase III package If the experiment is a GAS experiment then it is also necessary to rationalize the 
classification which was given m the experiment overview. NOTE Reference the GSFC Safety Handbook, section 
4 1, pg 9, for an explanation of the classification system There should be a reference to the subsystem safety 
features for a detailed safety assessment of a particular subsystem The actual safety analysis may be included m 
Appendix C and should be referenced in this section 

NOTES 

JSC Payload Safety Class called this the Program Safety Status Summary The JSC document asks for safety 
concerns and noncomp hance items. It also suggests a summary of all risks deemed acceptable by the approvmg 
agency and the corresponding program position This will be covered in the subsystem sections under safety 
features. 

GSFC Safety Handbook asks for the results of the hazard analysis This is covered m the summary of the safety 
analysis. 


33 



Subsystems 

This section is a narrative of the subsystems of the experiment which are discussed m the SCDP. The 
narrative explains that die SCDP is broken up into sections per experiment subsystem The subsystems which are 
mcluded in die SCDP will be listed Each section contains a detailed subsystem description, subsystem safety 
assessment and safety features, and verification summary This section further explains what information can be 
found under each of these items as detailed below for reference 

Subsystem Description* 

This section will completely describe die subsystem including its layout, components, function, and 
planned operation. Diagrams and figures will be provided to illustrate the subsystem and its location within the 
experiment (These may be mcluded in the Hazard Report section.) 

Subsystem Safety Assessment and Safety Features 

This section will provide a hazard assessment detailing the potential hazard sources associated with the 
particular subsystem References should be made to the appropriate hazard reports and their supporting data. 
Included m the assessment will be all of the safety features incorporated mto the design Also, provide an 
explanation of all risks which are deemed acceptable by the approvmg agency and are to be supported by the 
experiment organization Additionally, a summary will be mcluded which explains the safety controls of any 
eliminated hazards (those hazards m which a hazard report was found unnecessary). If applicable, diagrams and 
figures should be mcluded to display and better explain any safety features (These may be mcluded m the Hazard 
Report Section.) 

Verification Summary 

This section will describe the methods of verification used to assure that each hazard control meets its 
design specifications and intended performance levels The description of a particular test or analysis and its results 
will be provided along with references to the actual test or analysis report if applicable. 

This SCDP template is divided mto sections, each describing a specific subsystem, to illustrate the 
approach which should be taken The subsystems that follow are common subsystems found m space experiments 
which mclude Batteries, Electrical Subsystems, Ionizing Radiation, Materials Subsystems, Mechanical Subsystems, 
Non-ionizmg Radiation Subsystems, Optical and Laser Subsystems, Pressure Subsystems, Structural Subsystems, 
and Miscellaneous Subsystems As described above, each subsystem section is divided mto three separate sections 
m order to aid m the description of the subsystem and in assessmg potential hazards This information is provided 
as a reference for use m developmg an actual SCDP 
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NOTES 


This section was added in order to assist the reader in preparing the subsystem divisions m the SCDP This was not 
suggested m any document, but will help the reader understand the format of the package The descriptions of each 
section under the subsystems was gathered from various documents. 

13830 suggests several subsystems, but it also states that any convenient grouping may be used. The subsystems 
listed above are common to LeRC space experiments 
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Batteries: 
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Batteries: 


- Includes any battery used throughout the experiment 

- Includes all internal “button” batteries commonly found in computers or other 

small electronics 

- Includes battery charging circuitry 
Subsystem Description: 

- Identify all batteries used m the experiment. Include manufacturer, model number, 

number of cells, cell or battery voltage, capacity, senes or parallel arrangement, 
and a battery circuit diagram Complete the battery matrix. 

- Provide diagrams of the location and the surrounding circuitry 

- Description of operation 

Safety Assessment Summary and Safety Features: 

- Descnbe the battery box in which the battery is contained. Provide a drawing of 

the battery box (“Button” battenes may not have battery boxes ) 

- Describe the ventilation system used to vent the battery box Provide a diagram 

of the ventilation of the battery (“Button” battenes may not have ventilation ) 

- Descnbe control which protect against external shorts or then effects Reference or 

include applicable drawings 

- Identify and descnbe all manufacturing controls that preclude internal shorting 

- Specify what devices and procedures will limit the charging current, so as not to 

initiate or sustain an excessive outgassmg or thermal runaway of secondary battenes. 

- Identify monitors available 

- Specify devices and procedures that are designed to limit effects of the current discharge or limit 

the discharge rate Specify failure tolerance of these systems 

Verification Summary: 

- Specify what techniques are used to venfy that internal short protection is in place 

- Summarize analyses to confirm adequate short protection is in place 

- Specify how devices, procedures, monitors, etc , which protect against overcharging are 

to be qualified and venfied 

- Summarize how the implementation of controls to prevent cell reversal will be venfied 

- Summarize and refer to the venfication analysis or test that venfies the safety margin 

between rupture, venting, and operating pressure for worst-case conditions 

- Summarize and refer to thermal analysis that determined operating conditions 

- Summarize venfication analysis or demonstration test results that venfy the required 

failure tolerance is maintained 

- Summarize the results of the pressure test of the battery box. 
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Notes: The following information is needed for this section As mentioned above, some of this information should 
be included with the descriptions and summaries while other information should be attached to the hazard reports 
and referenced where appropriate 

Supporting Data: 

- Provide diagrams of cell/battery construction 

- Schematics of battery circuits identify mg circuit protection features 

- Schematics of control and monitoring circuits preventing cell reversal 

- All necessary test reports which support the verifications listed 
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Electrical Subsystems: 
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Electrical Subsystem: 


- Includes the control of potentially hazardous experiment functions 

- Includes Electrical Power Distribution Systems (EPDS) 

- Starts at interface connector between the experiment and the Orbiter 

- Includes all electrical and electronic components* connectors, circuit breakers, fuses, 
cables and wiring, control circuit parts/components/elements, power systems, 

and power supplies 

- Includes computer-controlled systems 

- Includes all electronic safety inhibits 

- May be referenced m other experiment subsystems 

- Telemetry Systems 

Subsystem Description: 

- Provide a complete description of the experiment electrical subsystem Include the 

materials used for the various components 

- Specify the function and operation of each major component or element and a 

definition of the experiment electrical interface requirements 

- Provide schematics and block diagrams as appropriate 

- Provide a brief description of any computer-based control systems utilized in the 

experiment design 

- Identify whether the computer system is being used to actively process/command 

systems with a critical or catastrophic hazard potential 

- If a computer is utilized solely to process/manipulated non-safety related data (e.g 

science data), state that the computer is not being used to actively inhibit, control, 
or monitor any experiment system which could possibly create a critical or 
catastrophic hazard 

- Provide a list of all experiment safety critical systems being controlled by the 

computer 

- Provide a summary of the service provided by the Orbiter general purpose computer 

such as the monitoring, storing, retrieving, or commanding of any experiment 
safety critical systems 

- Provide a bnef description of the hardware architecture including processors, redundant 

hardware components, and redundant computers 

- Provide a diagram to show how the computer system interacts with the safety critical 

systems and components 

- Provide a description of the electrical power used to enable the computer system 
Safety Assessment Summary and Safety Features: 

- Provide a description of the various types of inhibits and level used throughout the 

experiment 

- Provide a description of the fault tolerance of all critical functions 

- Provide a description of the protection of Orbiter circuitry that is powered by the 

experiment EPDS 

- Provide a description of all safety features incorporated mto the design of the EPDS 

This could include bonding, grounding, shielding, wire and fuse compatibility, 
isolation, compliance with conducted and radiated emissions requirements, wire 
routing, wire sizing, cable and wire physical protection, separation of safety 
critical circuits to the maximum extent possible, and shock protection 
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- Define the approach being used to verify independence of the computer system 

- Describe how the experiment organization has instituted unique instruction sequences 

m the multiple-computer system software 

- Describe the protection against under-voltage or over-voltage conditions 

Verification Summary: 

- Describe the inspection process used to verify that the safety features mentioned in the 

above section have been implemented properly. 

- Describe the systems analysis and loads analysis which ensures that the proper load 

constraints are m place 

- Summarize the testing process which verifies that proper grounding has been 

implemented Include the test parameters and reference the test plan 

Notes: The following information is needed for this section As mentioned above, some of this information should 
be mcluded with the descriptions and summaries while other information should be attached to the hazard reports 
and referenced where appropriate 

Supporting Data: 

- Schematic diagrams indicating power source, wire sizes, circuit protection devices, wire 

temperature rating, etc. 

- Inspection reports and close-out photographs (as requested) 

- Document grounding and bonding techniques used 

- Outline testing procedure and criteria 
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Ionizing Radiation Subsystems: 
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Ionizing Radiation: 


- Radioactive material 

- Equipment that emits ionizing levels of electromagnetic radiation 
Subsystem Description: 

- Identify all radioactive materials 

- Complete JSC Form 44 for each radioactive material 

Safety Assessment Summary and Safety Features: 

- Descnbe the experiment procedures and/or the design used to ensure ionizing radiation 

levels and exposure of crew and equipment are minimized, in according with 
Federal licensing standards 

- Descnbe any design provisions that prohibit release or displacement of radioactive 

matenal and subsequent contamination problems 

- Specify and summarize fault tolerance to inadvertent operation 

- Identify all inhibits, controls, and monitors available. Provide diagrams of controls and 

inhibits 

- Summarize containment of ionizing radiation Provide diagrams indicating containment 

provisions. 

Verification Summary: 

- Summarize the review of the design, the containment analysis, and the operational 

hazard analysis 

- Summarize and refer to the analysis to support fault tolerance of the design 

Notes: The following information is needed for this section. As mentioned above, some of this information should 
be mcluded with the descriptions and summaries while other information should be attached to the hazard reports 
and referenced where appropriate 

Supporting Data: 

- JSC Form 44 describing all uses of radioactive materials or radiation generators 

- Schematics of controls and inhibits for operation of ionizing energy generators 

- Diagrams indicating containment provisions 
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Materials Subsystems: 
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Materials Subsystem: 


- Materials used in the construction of the experiment 

- Materials used as experiment consumable (e.g experiment fluids and gases) 

- Materials generated from the experiment operation/mteraction (e g. exhaust fluids and 

gases) 

Material Usage Description: 

- Describe the payload in terms of the major uses of materials 

- Provide a listing of the type and quantity of experiment consumable materials 

- Provide a list of the materials generated from the experiment operations and/or potential 

interactions 

- Provide a list of the any radioactive material or coatings used. 

Safety Assessment Summary and Safety Features: 

- Detail how the materials were selected (1 e standards, requirements documents, testing, 

etc ) 

- Detail how the material selection inhibits stress corrosion 

- Detail how the hazard level of the experiment was analytically derived 

- Detail how the hazard level and quantities of the experiment generated materials were 

determined. (Mention the SMAC values for fluids ) 

- Detail how the hazard level of the radioactive sources was determined. 

Verification Summary: 

- Provide summary status report of the MIUL and number of MUA f s generated 

- Provide summary of offgas testing results 

- Provide summary of experiment testing regarding experiment and exhaust gases and 

fluids 

Notes: The following information is needed for this section. As mentioned above, some of this information should 
be included with the descriptions and summaries while other information should be attached to the hazard reports 
and referenced where appropriate. 

Supporting Data: 

- Materials Identification and Usage Listing (MIUL) 

- Material Usage Agreement (MU A) 

- Toxicology Analysis 

- Flammability Analysis 

- Ion izin g Radiation Summary report 

- 0 2 Depletion Analysis 

- Any material testing plan/results (1 e corrosion, compatibility, structural, etc ) 
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Mechanical Subsystems: 
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Mechanical Subsystem: 

- Rotating Machinery, pumps, compressors, turbines, centrifuges, motors, disk drives 

- Fasteners, lock pins, guide pins 

- Doors, covers, screens, actuating mechanisms, latches 

Subsystem Description: 

- Include a description of these items and their operation 

- Provide cutaway drawings showing design details. 

Safety Assessment Summary and Safety Features: 

- List hazards along with design features that mitigate the hazard 

- Describe structural analysis and summarize appropnate margins. 

- Describe the human factors engineering of these devices 

- Describe the containment and tethenng of these devices 

- Describe the overspeed protection 

- List any fracture critical parts 

- Describe any redundant features 

Verification Summary: 

- Functional testing of the overspeed controls/ must-work mechanisms 

- Inspection of as-built hardware. 

- Summary of the structural analysis and/or test 

Notes: The following information is needed for this section. As mentioned above, some of this information should 
be mcluded with the descriptions and summaries while other information should be attached to the hazard reports 
and referenced where appropnate 

Supporting Data: 

- Structural Analysis/Test 

- Functional Test Reports 

- As-built Hardware Inspection Reports 

- Fracture Control summary 

- Containment Analysis 
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Non-Ionizing Radiation Subsystems 
Electromagnetic Interference (EMI) 
Radio Frequency (RF) Radiation 
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Non-Ionizing Radiation Subsystem: 

Electromagnetic Interference (EMI): 

- Generated from electronic equipment 

- May be generated by the expenment/payload earner 

- Can be radiated and/or conducted 

- Includes components that may be susceptible to EMI 

Description: 

- Descnbe the electncal systems which are suspected to generate radiated and/or 

conductive EMI 

- Provide illustrations of these systems which reveal their relative location m respect to 

the complete experiment/payload 

Summary of Safety Assessment and Safety Features: 

- Compare the EMI generation and/or susceptibility of the experiment to the limits 

dictated by the payload-to-Orbiter/Camer ICD (Interface Control Document) 

- Describe any shielding provided for protection from EMI Include diagrams of the 

shielding. (Supporting Data) 

- Describe the bondmg/groundmg designed and built into the electncal systems suspected 

to generate EMI Provide electncal schematics which illustrate the 
bondmg/groundmg mcluded in the design (Supporting Data) 

Verification Summary: 

- Summarize the results of the system-level conductive and radiated EMI tests 

- Summarize the results of the EMI susceptibility test 

- Summarize the results of experiment circuit compatibility with the EMI environment 

specified m the ICD 

- Relate all test values to the ICD EMI limits/levels for verification of compliance 

- Refer to qualification procedures and reports for verification. 

Notes: The following information is needed for this section As mentioned above, some of this information should 
be mcluded with the descriptions and summaries while other information should be attached to the hazard reports 
and referenced where appropriate 
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Supporting Data: 

- Include schematics showing all shielding and/or electrical bonding/grounding, (from 

Safety Features section) 

- Data/Reports showmg potential EMI levels from the experiment relative to ICD limit 

levels 

- Data/Report showmg circuit compatibility with die EMI environment (EMI susceptibility) 

specified m the ICD. 
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Non-Ionizing Radiation Subsystem: 

Radio Frequency (RF) Radiation: 

- Generated from transmitter antenna systems 
Description: 

- Describe RF transmitter antenna system 

- Include illustrations of the system and its location 

- Define energy levels of the antenna m all modes of operation (high, low, etc ) 

- Define the minimum safe distances for EVA crew members during worst-case 

emissions 

- Define the energy levels for expenment-to-expenment and expenment-to-carrier 

irradiations 

Summary of Safety Assessment and Safety Features: 

- NSTS 1700 7B defines radiation m excess of the ICD limits as a catastrophic hazard. 

Those below ICD limits are considered critical hazards 

- Describe the electrical inhibits used to prevent a hazard. 

- Describe each control for each inhibit and establish it independence 

- Indicate how each inhibit is momtored. (Inhibit monitors are required if radiation levels 

exceed ICD limits be more than 6 dB ) 

- Describe ground/retum leg inhibit and any RF commanding and encryption 

implemented 

- Define the fault tolerance of the system electrical inhibits including Orbiter interfaces 

- Include schematics/block diagrams showmg electrical inhibits used to prevent 

inadvertent RF transmissions (Supporting Data) 

- Define the zones of exclusion when the hazard is controlled by avoidance of the 

hazardous area. 


Verification Summary: 

- Specify how the electrical inhibits and controls were verified to withstand the expected 

shuttle environment 

- Summarize the analysis that verifies the fault tolerance of the control system 

- Refer to qualification procedures and reports for verifications 
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Notes: The following information is needed for this section As mentioned above, some of this information should 
be included with the descriptions and summaries while other information should be attached to the hazard reports 
and referenced where appropriate 

Supporting Data: 

- Include schematics/block diagrams showing electrical inhibits used to prevent 

inadvertent RF transmissions (from Safety Features section) 

- Include a table listing the electrical inhibits, when last cycled, and how verified 

- Data/Reports showing potential RF levels from the experiment transmitters relative to 

ICD limit levels. 
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Optical and Laser Subsystems: 
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Optical and Laser Systems: 

- Includes optical/laser components such as the laser source, the cable, surface mirrors 

and gratings, lenses, beam splitters and prisms. 

- Includes lights, baffles, covers, lasers, and cameras 

Subsystem Description: 

- Describe any optical systems used m the experiment 

- Describe any laser systems, include the type of laser, the laser class, and the function of 

the laser 

- Define the laser's minimum/maximum energy output, the wavelength(s), pulse (with 

frequency) or continuous wave, and maximum permissible exposure levels for 
humans to the wavelength(s)/energy levels 

- Provide drawings showmg physical location and orientation of all optical and laser 

systems within the overall system 

Safety Assessment Summary and Safety Features: 

- Identify any operational or design safety features, such as baffling of light, containment 

of shatterable material, safe targets for lasers, and isolation of crew and the 
Orbiter from any hazardous fluids that are typically used with optical telescopes 

- Specify the number and list the electrical/mechanical inhibits that prevent occurrence of 

the hazard 

- Describe each control for each inhibit and establish its mdependence Indicate how 

each inhibit is monitored 

- Describe ground/retum leg inhibit and any RF commanding and encryption 

implemented 

- Define the fault tolerance of the system electrical/mechanical inhibits including Orbiter 

interfaces 

- Specify any interlocks to prevent operation unless a specific physical configuration is 

achieved 

- Define the containment (mechanical, attenuation or dispersion) features of the system 

design to preclude crew exposure to laser emissions m excess of the allowable 
MPE 

- Describe any mechanisms that require precision orientation to assure a safe optical path 

Describe the design features that assure operation only when the optical path is 
"safe" 

- Describe any crew procedures used for hazard control 

Verification Summary: 

- Summarize analyses which verifies the fault tolerance Show how the analysis 

substantiates inhibit mdependence 

- Summarize the testing process which verifies containment of laser emissions 

- Summarize the testing process which verifies the interlock mechanisms 

- Describe the inspection process used to verify that the safety features mentioned m the 

above section have been implemented properly. 
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Notes: The following information is needed for this section As mentioned above, some of this information should 
be included with the descriptions and summaries while other information should be attached to the hazard reports 
and referenced where appropriate. 


Supporting Data: 

- Include a table listing all laser sources, their energy, wavelength, pulse characteristics, 

dispersion characteristics, hazard classification, etc 
• Schematics showing all inhibits, controls and monitors For any interlocks mclude a 
diagram indicating the interlock mechanism 

- Drawing indicating the optical path(s). Indicate the containment feature around the 

optical path(s). 

- Crew procedures used to control the hazard 

- Containment Test Results. 

- Interlock Mechanism Test Results 
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Pressure Subsystems: 
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Pressure Subsystem: 


- Pressure vessels, lines and hoses, support members 

- Valves, regulators, filters, fittings, bellows 

- Instrumentation, components 

- Sealed containers 

Subsystem Description: 

- Describe the purpose and planned operation of the subsystem 
• Include a detailed system schematic. 

- Provide functional schematics 

- Provide cutaway drawings of major components 

- Identify fluids and gases by name, identify quantities 

- Categorize the hazard level posed by a gas/fluid release 

- State the MDP and provide a basis for its determination 

- Describe the scope of the pressure system as defined by the project (1 e is the exhaust 

portion within the pressure system envelope?) 

Safety Assessment Summary and Safety Features: 

- Describe the basis for the systems MDP 

- Provide a two fault analysis for determining the MDP 

- Consider the worst case environmental conditions 

- Consider a compatibility analysis of the pressure system components 

- Provide listing of fracture critical components 

- Consider failure of heaters 

- Describe any use of software forpressure system operation and/or hazard control 
Verification Summary: 

- Provide summary of pressure system vibration testing pressurized at MDP 

- Provide summary of proof testing results. (i.e NDE, flaw screening, etc.) 

- Provide summary of leak testing results 

Notes: The following information is needed for this section As mentioned above, some of this information should 
be included with the descriptions and summaries while other information should be attached to the hazard reports 
and referenced where appropriate 

Supporting Data: 

- Include a table listing the fluid system components, their respective MDP’s proof and 

burst pressures, and margins 

- Summary table giving rational for usage of stress corrosion sensitive materials 

- Include any materials testing done on pressure system components 
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Structural Subsystems: 
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Structural Subsystem: 


- May consist of beams, plates, housings, brackets, braces, attachment fittings, structural 

fasteners 

- Used to support experiment components 

- Used to attach the experiment to the integrated payloads 

Subsystem Description: 

- Identify all major structural elements 

- Provide diagrams identifying primary and secondary structures, front, top and side 

views 

- Provide a listing of the materials used m the primary and secondary structure. 

Safety Assessment Summary and Safety Features: 

- List the safety and design requirements that were used as a basis of the design 

- Describe how the maximum expected loads were determined 

- Describe the method used or design features which will prevent fastener backoff from 

occurring 

Verification Summary: 

- Describe m detail the analysis and testing approach that will be used to demonstrate that 

the structural integrity of the payload will be maintained 

- Describe the program for assuring that the fasteners used meet the design specifications 

and ensure that no counterfeit fasteners are used 

- Describe what type of positive backoff protecting for threaded fasteners is used 

Notes: The following information is needed for this section As mentioned above, some of this information should 
be included with the descriptions and summaries while other information should be attached to the hazard reports 
and referenced where appropriate 

Supporting Data: 

- Summary table of stress corrosion sensitive materials 

- Fracture Control Summary Report 
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Applicability Matrix 

The applicability matrix is a standardized form from JSC (form 1090) It is provided on the following page 
for reference This form relates the hazard reports for a particular subsystem to the technical requirements in NSTS 
1 700.7B It is important to keep this form updated such that it reflects the current hazard reports m the SCDP 
Instructions for the proper completion of this form are given m NSTS 13830B, App B, pg. B-2 and JA-012D, App 
A, pg A4-2 

NOTES* 

The GSFC Safety Handbook has its own form called the GAS Payload Safety Matrix It provides less information 
It does not reference the requirements m NSTS 1700.7B 
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NSTS PAYLOAD SAFETY REQUIREMENTS APPLICABILITY MATRIX 





Hazard Report List/Status 

The hazard report list/status provides a listing of the hazard reports and information on their status The 
form is shown on die following page The hazard report reference number is arbitrarily assigned to each hazard title 
on the list starting with number one and increasing sequentially. This number corresponds with the hazard report 
reference number on the applicability matrix (Refer to page 67 for an identification of the relationship between the 
hazard report, die applicability matrix and the hazard report list/status ) The hazard report number is the number 
assigned to each hazard report and can be found m the upper right hand comer of the hazard report The hazard title 
is gathered from each hazard report Alterations/comments refers to any change of a hazard report resulting from an 
action item and/or a change of design This column will provide updated information about each hazard report 
The status column should display whether the hazard report is open, closed, or has been deleted A hazard report is 
closed with the assessment of all hazard report related action items and with the completion of all verification 
methods This is the only complete listing of the hazard reports. It is important to keep this list updated and to 
provide the appropriate comments for bookkeeping purposes. NOTE All changes of hazard reports will be 
identified by a bar in the right hand margin of the hazard report 

NOTES 

NSTS 13830B requires form 1090A This form only asks for die matrix element reference number, the hazard 
report number, and the hazard title The payload (experiment), phase, and date are the same The page numbering 
was unnecessary since the pages will be numbered with respect to the complete package as described m the table of 
contents The title of this table has been changed from “NSTS Payload Safety Requirements Applicability 
Descriptive Data” 

The GSFC Safety Handbook has a “GAS Hazard List” which provides the hazard group, hazard title, and applicable 
safety requirement The hazard group is not mcluded The applicable safety requirements are covered m the 
applicability matrix. The payload (experiment) and the date are on this new form The subsystems are listed on the 
applicability matrix and can be traced back to there from the hazard report numbers. 

JA-012D provides an “Experiment Safety Package Cover Sheet” which is actually a hazard report list/status page 
This page mcludes the experiment, payload, phase, date, and page numbers The payload is not necessary for this 
listing. The page numbers will follow the page numbers of die complete package as described in the table of 
contents The rest of the information is also provided on the new form The column titles are number, hazard title, 
remarks, disposition, and general comments. The remarks and general comments are combmed into 
alterations/comments The disposition is the same as the status. There are also comments about h azar d report status 
in the text of this document Assessmg the changes of the hazard reports for impact to safety is covered in the 
revision page and does not need to be repeated here 
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Hazard Report List/Status 

Experiment: I Phase: I Date: 


Hazard 

Report 

Hazard 

Report 

Hazard Title 

Alterations/Comments 

Status 

Reference 

No. 

No. 














Hazard Reports 

This section contains the hazard reports which identify potential hazards of the subsystem, causes of the 
potential hazards, methods for controlling the hazards, and verifications of the control measures This information 
will be provided on the JSC Form 542B for hazard reports which is provided on the following page for reference. 
(Refer to page 53 for an identification of the relationship between the hazard report, the applicability matrix and the 
hazard report list/status.) NOTE For instructions on the proper method of completing a hazard report form refer to 
NSTS 13830B, Appendix A, JA-012D, pages A2-1 to A2-6, or JSC 26943 , Part II It is important to format the 
hazard reports identically for consistency and ease of reading Each hazard cause should be placed on one page 
with its corresponding controls and verifications Along with the hazard reports will be all of the schematics, 
figures, reports, plans, etc. needed to provide a complete safety assessment of the potential hazards described m the 
hazard reports 

The following hazard reports are considered common hazards for particular subsystems Other more 
unique hazards may be present m a subsystem and should be properly assessed for safety in the manner displayed m 
this package It is important to realize that the hazard reports provided are not to be used as they exist in this 
package. They are to be used as a template only, and should be used to develop and document experiment- 
specific information. 

NOTES 

The hazard report templates have not been inserted. LeRC Safety Assurance Office is currently working on 
developing these hazard reports. 

The mam changes to the hazard report form mclude the exclusion of the hazard group and the alteration of the 
signatures The hazard group was excluded to avoid confusion, smce it was not addmg needed information. The 
signatures were altered to mclude only the necessary signatures for the approval of the hazard report 
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EXPERIMENT FUGHT HAZARD REPORT 


NO 




EXPERIMENT 

PHASE 

SUBSYSTEM 

DATE 

HAZARD TITLE 

APPLICABLE SAFETY REQUIREMENTS 

HAZARD CATEGORY 


CATASTROPHIC 


CRITICAL 

DESCRIPTION OF HAZARD 


HAZARD CAUSES 


HAZARD CONTROLS 


SAFETY VERIFICATION METHODS 


STATUS OF VERIFICATION 


APPROVAL 


PHASE I 


PHASE II 


PHASE III 


PREPARER 


PROJECT MANAGER 


INTEGRATION MANAGER 


PANEL CHAIRMAN 


Based on JSC Form 542B (rev Nov 82) 


NASA-JSC 
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EXPERIMENT FLIGHT HAZARD REPORT CONTINUATION SHEET 


NO 



Based on JSC Form 542B (rev Nov 82) 
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Noncompliance Reports, Waivers, Deviations 

The noncomphance report list provides information on all noncompliance reports which have been 
submitted to the PSRP A noncompliance report is necessary only when a safety requirement cannot be met The 
noncompliance is documented on JSC Form S42C which is provided on the following page for reference 
Justification must be given m die noncomphance report to conclude that an alternate method of design, procedures, 
configuration, etc has a comparable or higher degree of safety. If the noncomphance report is approved, the PSRP 
will issue a waiver (approved for one mission only) or a deviation (approved for multiple missions) All 
noncomphance reports must be closed before the Phase III safety review. A list of all submitted noncomphance 
reports and their status will be provided for easy reference. This list will state the noncomphance item with 
information about its acceptance or rejection. The list will track all noncomphance reports whether or not they have 
become waivers and deviations An example of the noncompliance report list is shown on a following page Also 
include in this section the actual noncompliance reports, waivers, and deviations NOTE Detailed information on 
noncomphance reports, waivers, and deviations can be found in NSTS 13830B sections 6 0, 6 1, and 6 2 For 
reflown or series flights, watvered conditions must be corrected and deviations must be revalidated after each flight 

NOTES. 

This table was suggested by JSC 26943 and NSTS 13830B 

NSTS 13830B goes mto much more detail on the process of completing and sending an NCR. This paragraph is to 
inform the preparer that a list and the reports are needed, it is not for the complete explanation of what a NCR is and 
how to fill it out and use it 

JSC Payload Safety Class refers to this section as Non-comphant Items It suggests including a copy of the 
approving correspondence. This is unnecessary if the NCR are all signed 
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No. 

Title (brief reference to noncomphance) 

Payload Identification (Include reference to applicable payload element, subsystem, and/or component) 

Applicable Requirement 

Description of Noncompliance (Specify how the design or operation does not meet the safety requirement) 

Hazard or Hazard Cause (Include reference to Hazard Report) 

Reason Requirement Cannot be Fulfilled 

Rationale for Acceptance (Define the design feature or procedure used to conclude that the noncomphance condition is safe 
Attach applicable support data, 1 e drawings, test reports, analysis, etc ) 


APPROVAL SIGNATURES 

Payload Organization Date 

WAIVER APPROVAL I DEVIATION APPROVAL 

Effectivity Effectivity 

STS Operator Date STS Operator Date 

JSC Form 542C (Rev Mar 83) 


Date: 


Payload Safety Noncompliance Report 
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Safety Related Failures/Accidents 

This section describes the safety related failures and accidents which have occurred during experiment 
processing, testing, and checkout The description should include a summary of each failure/accident along with a 
safety assessment which identifies all impacts to the STS and/or other payloads and facilities This section will not 
appear m a SCDP until the experiment has begun processing, testing, and checkout activities which typically occurs 
after the Phase I safety review. 

NOTES 

The information about when this section appears m a SCDP was added for clarification Both NSTS 13830B and 
JA-012D do not discuss this topic until the phase II SCDP 

JA-012D words this section slightly different 
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Safety Verification Tracking Log 

The safety verification tracking log is used to record the status of the open safety verification items of the 
hazard reports The verification tracking log is a standardized JSC Form (no 764) and is provided on the following 
page for reference This form should be mcluded m all phases of the SCDP and should be updated per each phase 
until all verifications are closed The goal is to have all verifications closed by the Phase III safety review, however, 
closure of verifications is required before flight Instructions for completing the form can be found m NSTS 
13830B, Appendix C. The page following the SVTL is provided to help show the relationship between the SVTL 
and a hazard report. 

NOTES* 

All of the information in the documents about the SVTL is covered in this paragraph or m the table itself 

JA-012D refers to an Open Safety Items List which is a list of all open safety items requiring closure after the flight 
hardware is delivered The SVTL covers some of the same information along with the list of AI. 
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NSTS PAYLOAD FLIGHT 
SAFETY VERIFICATION TRACKING LOG 

Payload/Element Date 

Log No 

Hazard 

Report 

Number 

Safety 

Verification 

Number 

Description 

(Identify Procedures By 
Number and Title) 

Ground 

Operation(s) 

Constrained 

Independent 

Verification 

Required 

(Yes/No) 

Schedule 

Date 

Completion 

Date 

Method of Closure 
Comments 
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Certificate of NSTS Payload Safety Compliance 

The Certificate of NSTS Payload Safety Compliance provides a formal approval from the payload 
organization payload manager stating that the experiment complies with all of the applicable requirements of NSTS 
1700 7B This certificate is JSC Form 1 1 14A which is provided on the following page for reference. It is typically 
prepared for the Phase in SCDP, but is required to be submitted along with the latest verification tracking log ten 
days pnor to the Flight Readmess Review 

NOTES 

JA-012D has its own certificate which states safety compliance with NSTS 1700 7B and that the payload is prepared 
for integration. It also requires an open item’s list which is similar to the SVTL The Open Items List is to provide 
a description of open safety items requiring closure after the flight hardware is delivered 

The JSC Payload Safety Class requests a paragraph stating management approval and submission of the SCDP 
constitutes certification of the SCDP completeness, accuracy, and validity Also included is a statement of 
compliance with safety requirements The Certificate accomplishes this 
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Certificate of NSTS Payload Safety Compliance 


For 


(Payload) 

Payload Design and Flight Operations 
The Payload Organization hereby certifies that: 

(1) The payload is safe. 

(2) The payload complies with all applicable requirements of 
NSTS 1700.7B, “Safety Policy and Requirements for Payloads 
using the National Space Transportation System.” 

List of approved Waivers/Deviations: 


Approved: (Payload Organization Payload Manager) 


Date: 


JSC Form 11 14A (May 89) 
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Appendix A: Applicable Documents 


This section is a listing of all of the applicable safety related documents used to substantiate safety 
compliance m the SCDP It is important to use the current revisions of each document m the development of the 
SCDP This list should include each document’s title, number, revision number or letter, and date The following 
list is provided for reference, documents should be added or deleted to this list depending on which were used The 
dates and the revision numbers or letters have not been provided due to the continuous revision of many documents, 
however, the current revisions of the documents should be listed 


Applicable for all Experiments: 

NSTS 13830 Implementation Procedure for STS Payloads System Safety 

Requirements 


NSTS 14046 Payload Verification Requirements for the Space Shuttle Program 

NSTS 18798 Interpretations of NSTS Payload Safety Requirements 


NSTS 2 1 000-EDD-MDK 
NSTS 1700 7 
ICD 2-1-19001 


KSC: 


KHB 1860 1 


Shuttle/Payload Interface Definition Document for Middeck 
Accommodations 

Safety Policy and Requirements for Payloads Usmg the Space 
Transportation System 

Shuttle Orbiter/Cargo Standard Interfaces (Attachment 1 to NSTS 
07700, Volume IV) 


KSC Radiation Protection Handbook 


KHB 1860 2 
MSFC: 
JA-012 
JA-061 

JA-081 

JA-276 


KSC Non-ionizmg Radiation Protection Program 


Payload Projects Office Payload Safety Implementation Approach 

Payload Mission Manager Interface and Safety Verification 
Requirements for Instruments, Facilities, MPE, and ECE on STS 
Spacelab Payload Missions 

Payload Mission manager Interface and Safety Verification 
Requirements for Instruments, Facilities, MPE, and ECE on STS 
Partial Payload Missions 

Payload Mission Manager Interface and Safety Verification 
Requirements for Instruments, Facilities, MPE, and ECE on STS 
Orbiter Middeck Payload Missions 


JA-418 


Payload Flight Equipment Requirements for Safety-Critical 
Structures 
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JA-447 Mission Requirements on Facilities/lnstruments/Experanents for 

Space Transportation Systems (STS) Attached Payloads 
(MROFIE) 

GSFC: 

— GAS Experimenter’s Guide to the STS Safety Review Process and 

Data Package Preparation 


NOTES 

The title of die document was added to the list because some documents do not have numbers This list has been 
generated as an example The majority of this list is from JA-012D, section 4 0 

JSC Payload Safety Class suggests including this list m die introduction 
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Appendix B: Project Schedule 

This section provides a schedule of all of the major design and safety reviews. This list should display the 
name of the review and its planned date. The dates should be updated if changes are made m the schedule. NOTE 
For project schedule guidance, refer to JSC Payload Safety Class Module II, Section G, provided on the following 
pages 

NOTES 

The JSC Payload Safety Class mcludes this in the mission description. 

NSTS 13830B only discusses it m die review meetings, however, it is important to have it for reference 
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G. Schedule 


Having seen the flow of activities and schedule of the integration process, let’s consider how the safety process fits 
in Design of die payload will usually have progressed to some pomt before the approval for mission assignment is 
granted. That says that the safety process should be underway even before the payload has a flight assignment The 
two processes first come together with approval of the 1628 From that pomt they are running in parallel and are 
pegged together at milestones such as design reviews, readiness reviews, delivery to the launch range, processing 
points and launch 

Figure II- 1 depicts the overall flow and relationships of the payload design, integration, system safety and payload 
safety review processes. It should be clear from looking at the chart that the safety effort cannot wait until the 
integration process starts There is too much safety data required to support the PIP and ICD There is also too 
much design work done If the safety process is not started until die design is complete and hardware is bemg built, 
the cost of correcting hazards goes up tremendously. Remember, it is a lot less expensive to change a Ime on a 
piece of paper than it is to modify a piece of hardware 

Figure n-3 looks at the relationships from another perspective The hazard reports form the basis for much of the 
activity that occurs during the integrated cargo development and control process 
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Ground Safety Compliance Data Package Template 
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Cover Page 

Every SCDP begins with a cover page This page provides the title of the experiment, the phase of the data 
package, and the preparation date Often, this page is placed on a company letter head in order to identify the 
company or NASA center where the package was prepared This page can be arranged m any fashion The 
following page is an example of a typical cover page 


NOTE 

There are no requirements for this page 
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TITLE OF EXPERIMENT 


PHASE _ GROUND SAFETY COMPLIANCE DATA 

PACKAGE 


DATE 


(Sample Cover Page) 
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Title Page 

The title page provides necessary information about the package as well as the mvolved personnel Similar 
to the cover page, die title page mcludes the experiment name, the phase of the data package, and the preparation 
date In addition, it provides the contract number and the signatures of the responsible personnel, which include the 
authors), program manager, chief engmeer, and the organization safety representative Included under the 
personnel signatures are their printed name, title, and affiliated company or NASA center A sample title page is 
provided for reference NOTE Additional lines should be added for more than one preparer The signatures are 
interpreted as a concurrence of the SCDP 


NOTES 

To avoid confusion, revision numbers have been excluded 

JA-012D’s cover page is the hazard list page and will be included m the hazard list section, NOT the title page 
Information under the signature line and the phase number have been added 
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EXPERIMENT NAME 


Phase Ground Safety Compliance Data Package 

Date 

Contract #: 


Prepared By 


Name 

Title 

NASA Center or Company 


Approved By 


Name 

Program Manager 
NASA Center 


Name 

Chief Engineer 
NASA Center 


Concurred By 


Name 

Title (Organization Safety Representative) 
NASA Center 


(Sample Title Page) 
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Preface 


The preface is a brief paragraph which explains the requirements of the SCDP contract This mcludes a 
statement of compliance with requirements specified m KHB 1700 7B and a reference to the applicable documents 
page for supplementary compliance documents The preface also provides additional information about the 
responsible personnel including phone numbers and mailing addresses Furnishing the GSRP with this information 
allows them to contact the responsible personnel in order to resolve technical issues and questions 

NOTES 

JSC Payload Safety Class mcludes the statement of compliance with the requirements m the introduction and a list 
of all applicable documents This is covered m the preface which mcludes a reference to the applicable documents 
appendix. It also mcludes the reason why a SCDP needs to be submitted which is mcluded m the preface as the 
requirements of the SCDP contract. 
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Action Items 


The action items (AI), which evolve from safety panel reviews, are accounted for through an AI table An 
AI table is provided on the following page for reference. This table numbers, lists, and provides information about 
a particular AI which mcludes its current status and closure rationale. The AI number is assigned at safety reviews 
and can be obtained through the minutes of the meeting The current status is listed as either open or closed with a 
closure date The closure rationale explains the reasons for which the AI was accepted as being closed It is the 
responsibility of the SCDP developer to track all AIs to closure All AIs must be closed by the GSRP prior to the 
Phase III Ground Safety Review to be considered complete. Often, AIs are prematurely closed pnor to or at the 
Phase III Ground Safety Review with an understanding that they will be tracked through the SVTL (Safety 
Verification Tracking Log) and officially closed during processing by KSC Ground Safety personnel A Phase 0 
SCDP should have a blank AI table as a placeholder for future SCDP iterations, there will be no AIs smce the Phase 
0 SCDP is the first official version of the SCDP 


NOTES 

The AI Number has been added m order to easily identify each AI. The closure date has also been added as further 
information for the AI The explanations of each table header was added for clarification The AI section has been 
moved to the front of the package due to its importance 
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Action Items 
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Revision Page 

The revision page describes the significant alterations made to the SCDP after Phase II that occur due to 
action items, major engineering design changes, and/or control measure changes Some of these changes are 
suggested by the engineers and designers and may be presented m ECRs (engineering change requests) All design 
changes are assessed for safety, documented in the SCDP, and recorded m this table It is not necessary to 
document insignificant editorial revisions As shown on the succeeding page, the revision page will mclude the 
following information the revision number, revision description, the location of the response data, and the revision 
date The location of the response data is a listing of the page and paragraph number or hazard report number of the 
adjustment in the SCDP which resulted from the revision Hazard report alterations are to be referenced to the 
hazard report list/status page m order to avoid duplication of status A Phase 0 package will not contain a revision 
page since it is the first official copy of the SCDP NOTE All significant revisions made to the SCDP will be 
identified by placing a bar in the right hand margin next to the altered paragraph or statement in the SCDP 

NOTES 

NSTS 13830B details the safety assessment on changes to mclude effects on interfaces This is understood by 
saying that the changes should be assessed for their impact on the system’s safety 

The ECRs are only mentioned in JA-012D 

There is no direct requirement for a revision page There are only references to changes and recording these 
changes This table was created in order to help the safety engmeer keep track of all of the changes 
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Revision Page 
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Table of Contents 


The table of contents presents all of the section and subsection numbers, titles, and page numbers. The 
pages between and including the preface and acronyms and abbreviations should be numbered with Roman 
numerals This excludes the cover and title pages, which are typically not numbered After the acronyms and 
abbreviations page, the pages should be numbered sequentially within each section This involves usmg a 
compound numbering system in which the first number represents the section number and the second number 
represents the page number m that particular section (1 e pg 1-5 is section 1, page 5) Using this technique, each 
section will begin on a new page. This method easily allows for additional pages to be added per section without 
disrupting the complete numbering system All sections with Roman or Arabic numerals should appear in the table 
of contents The total number of pages of the complete package is also mcluded to ensure the reader that he/she has 
received the complete package. NOTE The individual hazard reports will be separately listed elsewhere in the 
package and do not need to be listed by name here 


NOTES 

The JSC Payload Safety Class suggested addmg a letter to designate added pages This is unnecessary if the 
compound numbering system is used The JSC Payload Safety Class also gives you a choice of listing the hazard 
reports in the table of contents or at the beginning of the hazard report section. The note explains the use of the 
hazard report list found later in the package. 

Further instructions on how to number the SCDP have been provided here for guidance 
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List of Figures and List of Tables 

Following the table of contents is the list of figures and the list of tables These two separate lists follow 
the format of the table of contents and, m effect, look as though they are a part of it The figures and tables have a 
separate compound numbering schemes similar to the page numbering system. The first number represents the 
section number and the second number represents the figure or table number m that particular section (1 e figure 1-6 
is section 1, figure 6) 

NOTES 

Some of the documents discuss these together and some do not The information stated here was gathered from 
referencing previously written SCDPs 
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Acronyms and Abbreviations 

This section is a list of all of the acronyms and abbreviations and their complete names used throughout the 
SCDP The list will stand as a reference for those not familiar with the terminology The following is a listing of 
common acronyms and abbreviations which are typically used m a SCDP This list is provided only as a reference 
for the preparer. This list should be altered and amended to reflect the appropriate acronyms and abbreviations for a 
particular project 


AC 

Alternating Current 

AI 

Action Items 

ASE 

Airborne Support Equipment 

CDMS 

Command and Data Management System 

DC 

Direct Current 

ECR 

Engineering Change Request 

ED 

Experiment Developer 

EGSE 

Electrical Ground Support Equipment 

EMI 

Electrical Magnetic Interference 

EVA 

Extravehicular Activity 

FMEA 

Failure Modes and Effects Analysis 

GAS 

Get-Away-Special 

GSFC 

Goddard Space Flight Center 

GFE 

Government Furnished Equipment 

GSCDP 

Ground Safety Compliance Data Package 

GSE 

Ground Support Equipment 

GSFC 

Goddard Space Flight Center 

GSRP 

Ground Safety Review Panel 

ICD 

Interface Control Document 

JSC 

Johnson Space Center 

KHB 

Kennedy Handbook 

KSC 

Kennedy Space Center 

LeRC 

Lewis Research Center 

MDP 

Maximum Design Pressure 

MIP 

Mandatory Inspection Pomt 

MIUL 

Material Identification Usage List 

MLI 

Multi-Layer Insulation 

MPE 

Mission Peculiar Equipment 

MSDS 

Material Safety Data Sheet 

MSFC 

Marshall Space Flight Center 

MUA 

Material Usage Agreement 

NASA 

National Aeronautics and Space Administration 

NCR 

Noncompliance Report 

NDI 

Non-destructive Inspection 

NHB 

National Handbook 

NSTS 

National Space Transportation System 

PGSC 

Payload General Support Computer 

PHA 

Preliminary Hazard Analysis 

PHR 

Payload Hazard Report 

POCC 

Payload Operations Control Center 

PSRP 

Payload Safety Review Panel 

SCDP 

Safety Compliance Data Package 

SH 

Spacehab 

SL 

Spacelab 

SRM&QA 

Safety, Reliability, Maintainability, & Quality Assurance 
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SSP 

Space Shuttle Program 

STS 

Space Transportation System 

SVTL 

Safety Verification Tracking Log 

TBD 

To Be Determined 

TOP 

Technical Operating Procedure 


NOTES ( FOR ACRONYMS AND ABBREVIATIONS) 
This list provided is not suggested in any document 
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Introduction 


The introduction describes the format of the ground SCDP A correlation is made between the progress of 
the experiment and the phase of the SCDP. This informs the reader of the maturity of the experiment and SCDP. 
The actual content of the SCDP depends on the phase Early phase packages contain considerably less information 
but exist as a base m which information can be added for a complete Phase III package. This paragraph includes the 
approach taken to provide the information necessary for a package of the appropriate phase It should mention that 
the SCDP is broken into sections where each section represents a subsystem In each one of the sections is the 
safety-critical subsystem description, subsystem safety assessment summary and safety features, and verification 
summary The introduction should also mclude any other general information pertaining to the SCDP. For 
instance, it is suggested to mclude a statement about the project schedules m the appendix smce they are an 
important asset to the overall project 

NOTES 

This introduction does not fit with the definition of introduction given in JSC Payload Safety Class The JSC 
document introduction is the payload and mission overview which will be covered m the experiment overview and 
the mission description, respectively The requirements which are satisfied by the SCDP are already covered m the 
preface (KHB 1700 7B) and are also listed in the applicable documents section m the appendix. The purpose of the 
hazard analysis and the desired results are also covered m the preface. The JSC Payload Safety Class also addresses 
the description of the subsystems which is covered m the Subsystem Description of this package 

No other documents suggest this type of an introduction It is necessary in order to prepare the reader for the 
content of the SCDP Often, the overall payload and mission description is included under the introduction There 
are separate sections for both of these topics m this package. 
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Mission Description 

This section provides a description of the mission on which the experiment is to be flown Included in the 
description is the name of the mission, mission objectives, and mission characteristics The mission objectives 
explain the purpose and goals of the mission 

The mission characteristics entail the launch location, launch date, launch wmdow, attitude, mission duration, 
primary landing site, and payload configuration 

NOTES 

JSC Payload Safety Class mcluded the mission objective in the introduction The JSC document also mcluded the 
payload objective and project schedules The payload objective is mcluded m the experiment overview and the 
project schedules have been placed m an appendix There is information m this section which may be on a mission 
schedule, such as the mission’s launch date and launch wmdow The JSC Payload Safety Class also includes flight 
operations which are not m this mission description. The flight operations will be detailed m the Flight SCDP The 
ground operations are also discussed m die JSC Payload Safety Class’s mission description This is covered m this 
package m the ground operations section 

JA-012D mcludes the mission description with the payload description 

NSTS 13830B has also mcluded the mission description with the payload description 
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Experiment Overview 

The experiment overview should be divided into two subsections which describe the payload and the 
experiment If an experiment is large in size and fairly complex it is common to consider it as a payload. In this 
case, there will not be a separate description for the payload and the experiment since they are one and the same 
This section may change with the alteration of the design. It is important to keep this information updated 
throughout the various phases of the SCDP NOTE If the payload/ experiment is to be reflown or is part of a series 
flight then refer to NSTS 13830B section 8 0 or JA-012D section 7 O for complete instructions and also note this 
fact in this section. 

The payload description should include the payload name, its location on the STS, and the overall 
objectives of the payload A diagram of the location of the payload may be used to help explain the payload’s 
location and its orientation on the STS. 

The experiment description addresses the objectives of the experiment and the experiment’s overall design 
If the experiment is a GAS experiment then it is also necessary to identify the classification as either “B” or “C” 
NOTE Reference the GSFC Safety Handbook, section 4 1 , pg 9, for an explanation of the classification system 
The overall design should mention all of the safety critical subsystems and their associated ground operational 
hazards References should be made to the flight SCDP for subsystem details 


NOTES 

This section has been altered from the flight SCDP The operational scenario and the Orbiter provided critical 
services and interfaces have been excluded. These topics are more detailed than is needed in a ground package 
The GSFC Safety Handbook and JSC Safety Office mclude the operational scenario, however, these documents do 
not require a separate ground SCDP, so naturally this would be mcluded Both the JSC Safety Office and the JSC 
Payload Safety Class mclude the Orbiter provided critical services and interfaces m the SCDP. Neither of these 
documents differentiates between the flight and ground packages Therefore, there are sections mcluded which are 
not necessary for both flight and ground SCDP. Some of the wording has been slightly changed, such as the 
referencing of the flight SCDP for subsystem details and the referencing of the section m the ground SCDP for GSE 
details By referencing the flight SCDP for the detailed subsystem description, it can be omitted m the ground 
SCDP The GSFC Safety Handbook and the JSC Safety Office both require this m the SCDP However, as 
mentioned above, both of these documents combine the ground and flight SCDP It is unnecessary to have the 
detailed subsystem descriptions m both packages 

JSC Payload Safety Class covers die scope and purpose of the payload and the hardware under the Introduction 
The scope and purpose of the payload will be addressed m the payload objectives and the experiment objectives 
The introduction also requires identification of the primary system, support systems, operational interfaces, and 
facilities. These have all been moved to the experiment overview This document also mcludes the payload 
objective under the mission description The detailed subsystem descriptions are also mcluded m the 
payload/system description m the JSC document All detailed descriptions have been moved to the subsystem 
descriptions. 

GSFC Safety Handbook mcludes the objectives of the experiment, the classification, conceptual descriptions, and 
operational scenarios All of these except the operational scenario have been combmed and mcluded m this section 
as mentioned above 

As the phases progress, JA -01 2D stresses a fully developed description of the complete experiment This will be 
covered m the subsystem description m which this section references the reader to the flight SCDP 

The payload description and experiment descnption are combmed mto one section The payload location is 
mcluded in the payload descnption No document actually calls out for the payload location 
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Ground Operations 

This section should briefly describe the ground support equipment (GSE) and reference the sections m the 
ground SCDP which provide further detail on each GSE and the associated subsystem Illustrations and figures 
should be mcluded to aid m the description of the GSE Also mclude operations flow diagrams which reveal all of 
the planned ground operations in a flow chart orientation It is necessary to detail pre-flight, normal post flight, and 
contingency post flight m the ground operations flow diagrams. An example of a generic pre-flight operation flow 
diagram is provided on the following page. The ‘ED’ stands for Experiment Developers and signifies that they will 
be in charge of that particular procedure The operation flow diagram may expand onto multiple pages m which a 
numbering system should be used to follow the flow between pages 


NOTES: 

An operations flow diagram was added which is required in JA-012D. The example operations flow diagram is 
from a previously made ground package 

This section was originally part of the Experiment Overview It has been separated for clarification of the material 
JSC Payload Safety Class mcludes the ground operations under the mission description 
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flowchart to the post-flight 
operations on a separate page 


EXAMPLE GROUND OPERATION FLOWCHART 
































Safety Assessment 

The safety assessment gives a narrative summary of the safety analysis of the GSE and its interfaces with 
the experiment and hazardous ground operation procedures The summary explains the approach and techniques 
used to analyze for hazards. Any assumptions made m order to analyze for hazards should be stated and explained 
The maturity of the safety assessment depends on the maturity of the experiment, therefore, this section will be 
general for a Phase 0 package and will develop m detail for a Phase III package There should be a reference to the 
subsystem safety assessment and safety features section for a detailed description of the safety features provided per 
GSE/TOPs. 

NOTES 

JSC Payload Safety Class called this the Program Safety Status Summary The JSC document asks for safety 
concerns and noncompliance items It also suggests a summary of all nsks deemed acceptable by the approving 
agency and the corresponding program position This will be covered in the subsystem sections under safety 
features 

GSFC Safety Handbook asks for the results of the hazard analysis This is covered m the summary of the safety 
analysis. It also asks for the rationale of the classification of the experiment. This is covered m the flight SCDP and 
is not necessary for the ground SCDP 
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Subsystems 

This section is a narrative of the subsystems of the experiment which are discussed m the SCDP This 
narrative should explain that the SCDP is broken up mto sections per experiment subsystem The subsystems which 
are included in the SCDP should be listed. Each section contains a subsystem description, subsystem safety 
assessment summary and safety features, and verification summary This section should further exp lam what 
information can be found under each of these items as detailed below for reference 

Subsystem Description 

This section will completely describe the ground support equipment (GSE) as well as the particular 
subsystem of the experiment with which it is associated. This description will mclude the GSE function and 
planned operation. If there is no GSE associated with a subsystem, but there are ground operations which are to be 
performed on the flight hardware, then this section will be used to describe the flight hardware and those relevant 
ground operations. All operations will be described m detail m the TOPs (Technical Operating Procedures) which 
should be referenced in this section and located m the appendix Operation flow diagrams, figures, and schematics 
will be provided to illustrate the GSE/flight hardware and its operation with respect to the experiment. (These may 
be included m the TOP or Hazard Report sections ) 

Subsystem Safety Assessment Summary and Safety Features 

This section will provide a hazard assessment detailing the potential hazard sources associated with the 
GSE and/or subsystem of the experiment References will be made to the appropriate hazard reports in the Hazard 
Report Section Hazards associated with flight hardware may already be assessed through hazard reports in the 
flight SCDP. In this case, references will be made to the flight SCDP’s hazard report. Included in the assessment 
will be all of the safety features incorporated mto the design Also, provide an explanation of all risks which are 
deemed acceptable by the approving agency and are the responsibility of the experiment organization Additionally, 
a summary will be included which explains the safety controls of any eliminated hazards (those hazards m which a 
hazard report was found unnecessary) If applicable, diagrams and figures should be included to display and better 
explain any safety features (These may be included m the Hazard Report Section ) 

Verification Summary 

This section will describe the methods of verification used to assure that each hazard control meets its 
design specifications and mtended performance levels The description of a particular test or analysis and its results 
will be provided along with references to the actual test or analysis report if applicable 

This SCDP template is divided mto sections, each describing a specific subsystem, to illustrate the 
approach which should be taken The subsystems that follow are common subsystems associated with ground 
operations which mclude Electrical, Lifting/Handling, Materials, Pressure, and Radiation Subsystems. As described 
above, each subsystem section is divided into three separate sections m order to aid in the description of the ground 
operation and m assessmg potential hazards This information is provided as a reference for use in developmg an 
actual SCDP 

NOTES 

This section was added m order to assist the reader m preparing the subsystem divisions in the SCDP This was not 
suggested in any document, but will help the reader understand the format of the package The descriptions of each 
section under the subsystems was gathered from various documents 
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Electrical Subsystems: 
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Electrical Subsystem: 


- Includes Electrical GSE 

- Includes electrical hazards on the experiment that are exposed to the ground crew 
Subsystem Description: 

- Provide a description of the electrical GSE. 

- Provide a description of the experiment’s electrical components which may be exposed 

to the ground crew 

- Provide schematics and block diagrams of non-commercial circuitry 
Safety Assessment Summary and Safety Features: 

- Describe the bonding/grounding and fusing provided m the circuitry 

- Describe the voltage sources which are accessible to the ground crew (Must be under 

30 V ac and/or 50 V dc ) 

- Describe the facility power phasing and EGSE power phasmg 

- List all COTS (Commercial off the Shelf) items List if they are UL rated or 

demonstrate conformance with NEC 

- Reference all Electrical System Hazard Reports (See Hazard Report Section for hazard 

report templates) 

Verification Summary: 

- Describe the inspection process used to verify that the safety features mentioned m the 

above section have been implemented properly 

- Summarize the testing process which verifies that proper grounding has been 

implemented. Include the test parameters and reference the test plan. 

Notes: The following information is needed for this section As mentioned above, some of this information should 
be included with the descriptions and summaries while other information should be attached to the hazard reports 
and referenced where appropriate. 

Supporting Data: 

- Schematic diagrams indicating power source, wire sizes, circuit protection devices, wire 

temperature rating, etc 

- Provide schematics of all exposed voltage sources 

- Document grounding and bonding techniques used 

- Procedures for tagging and lockout of control switches, circuit breakers, and 

mating/demating connectors 
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Lifting/Handling Subsystems: 
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Lifting/Handling Equipment: 

- Includes all lifting and hoisting equipment 

- Includes lifting devices such as slings, linkage, mechanisms, etc 

- Includes support stands. 

Subsystem Description: 

- Provide a description of the liftmg/handlmg equipment 

- Provide diagrams as appropriate 

- Provide a brief description of the use of the liftmg/handlmg equipment in association 

with the experiment 

Safety Assessment Summary and Safety Features: 

- Reference any TOPs associated with the equipment Also state any specialized training 

needed for operation 

- Describe any necessary tethenng of the equipment 

- Describe the personnel protective equipment necessary for use of the equipment 

- Describe how the maximum expected loads were determined 

- Describe the process of tagging the appropnate equipment with the equipment 

identification, the most recent NDI and structural inspection dates, the next 
required periodic inspection dates, and the quality control stamp 

- Reference Lifting/Handlmg Hazard Reports (See Hazard Report Section for hazard 

report templates) 

- Describe the tipping analysis conducted on all appropnate GSE (i e movable carts, 

stands) 

- Assess operations mvolvmg suspended loads. 


Verification Summary: 

- Summarize the structural analysis and testing done on all load bearing equipment 

- Summarize the results of the dye penetrant or radiographic NDI (Completed annually 

for all load bearing hooks, shackles, eyebolts, etc ) 

- Descnbe the inspection process used to verify that the safety features mentioned in the 

above section have been implemented properly 

Notes: The following information is needed for this section As mentioned above, some of this information should 
be included with the descriptions and summaries while other information should be attached to the hazard reports 
and referenced where appropnate. 

Supporting Data: 

- Structural analysis and testing report 

- Dye penetrant or radiographic NDI report 

- TOPs 

- Inspection/venfication reports 
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Materials Subsystems: 
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Materials Subsystem: 


- Materials used as experiment consumables 

- Materials used as experiment workmg fluids 

- Materials generated from experiment operations that are handled during post-mission 

ground operations 

- Materials used during ground processing, 1 e cleaning fluids, plastic films, . 

Subsystem Description: 

- Provide a listing of the type and quantity of experiment consumables 

- Provide a list of the materials generated from the experiment operations 

- Provide a list of all cleaning fluids 

- Provide MSDS’s sheets on all materials 

- Provide a hst of any radioactive material or coatings used 

Safety Assessment Summary and Safety Features: 

- Detail the hazard level of all materials 

- Detail how the hazard level of the radioactive sources was determined 

- Reference Materials Hazard Reports (See Hazard Report Section for hazard report 

templates) 

Verification Summary: 

- Provide flammability analysis for any combustible materials 

- Provide toxicity assessment for all toxic fluids or gasses 

- Provide radiation assessment for all radioactive sources 

Notes: The following information is needed for this section As mentioned above, some of this information should 
be included with the descriptions and summaries while other information should be attached to the hazard reports 
and referenced where appropriate. 

Supporting Data: 

- Toxicology Analysis 

- Flammability Analysis 

- Ionizing Radiation Summary Report 
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Pressure Subsystems: 
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Pressure Subsystem: 


- Pressure vessels, lines and hoses, support members 

- Valves, regulators, filters, fittings 

- Instrumentation, components 

- Refer to Flight Hazards Reports and descriptions for flight hardware pressures systems 
Subsystem Description: 

- Describe the purpose and planned operation of the GSE 

- Include a detailed system schematic showmg relief valves and vents 

- Provide information on fluid systems components markings 

- Provide cutaway drawings of major components 

- Identify fluids and gases by name, identify quantities 

- Categorize the hazard level posed by a gas/fluid release 

- State the GSE MOP and provide a basis for its determination 

Safety Assessment Summary and Safety Features: 

- Describe the basis for the GSE systems MOP 

- Consider the worst case environmental conditions 

- Provide listing of fracture critical components 

- Consider failure of heaters 

- Reference Pressure System Hazard Reports (See Hazard Report Section for hazard 

report templates) 

Verification Summary: 

- Provide summary of proof testing results 

- Provide summary of leak testing results 

- Provide copies of operations procedures 

Notes: The following information is needed for this section As mentioned above, some of this information should 
be mcluded with the descriptions and summaries while other information should be attached to the hazard reports 
and referenced where appropriate. 

Supporting Data: 

- Include a table listing the fluid system components, their respective MDP’s proof and 

burst pressures, and margins 

- Summary table givmg rational for usage of stress corrosion sensitive materials 
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Radiation Subsystems: 
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Radiation: 


- Includes both ionizing and non-iomzing sources 

- Includes radioactive materials, radiation-producing equipment, lasers, and optical 

emitters. 

- Radiation-producing equipment mcludes x-ray, devices, particle accelerators, radio 

frequency/microwave emitters, etc 

- Optical emitters includes ultraviolet, infrared, and high intensity visible light sources 
Subsystem Description: 

- Provide a description of the radiation which may be exposed to the ground crew 

Include the quantity of radiation 

- Describe any ventilation systems used m association with radioactive gases 

- Describe any laser systems, mclude the type of laser, the laser class, and the function 

of die laser. 

- Define the lasers mmimum/maximum energy output, the wavelength(s), pulse (with 

frequency) or continuous wave, and maximum permissible exposure levels for 
humans to the wavelength(s)/energy levels. 

- Provide diagrams to show the location of the radiation on/m the experiment 

- Complete applicable forms* 

JSC 44* Ionizing Radiation Source Data Sheet 
KSC 16-294NS Radiation Training and Experience Summary 
KSC 16-295NS* Radiation Use Request/Authonzation (Radioactive 
Materials) 

KSC 28-34NS Radiation Use Request/Authonzation (Ionizing 
Machine/Device) 

KSC Form 16-450 Training and Expenence Summary, Non-Iomzmg 
Radiation Users 

KSC 16-447* Laser/Optical Device Use Request/Authonzation 
KSC 16-451 Radio frequency/Microwave System Use 
Request/Authonzation 

Safety Assessment Summary and Safety Features: 

- Describe any personnel protective equipment needed for ground operations 

- Describe the containment of any radioactive matenals 

- Descnbe the qualifications/trainmg needed for any operations 

- Describe any radiation source shields, interlocks, fail-safe systems, and limit switches 

- Reference Radiation Hazard Reports (See Hazard Report Section for hazard report 

templates) 

Verification Summary: 

- Describe the inspection process used to verify that the safety features mentioned 

m the above section have been implemented properly 

- Document the use of GSE utilizing radioactive gases Include maintenance and 

checkout of the systems 
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Notes: The following information is needed for this section. As mentioned above, some of this information should 
be mcluded with the descriptions and summaries while other information should be attached to the hazard reports 
and referenced where appropriate 

Supporting Data: 

- Forms listed m subsystem description section 

- List of die equipment generation hazardous radiation 
• Documentation of radioactive gases 
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Hazard Report List/Status 

The hazard report list/status provides a listing of the hazard reports and information on their status The 
form is shown on the following page The hazard report number is the number assigned to each hazard report and 
can be found m the upper right hand comer of the hazard report The hazard title is gathered from each hazard 
report Alterations/comments refers to any change or alteration of a hazard report due to a change from an action 
item and/or a change of design This column will provide updated information about each hazard report The status 
column should display whether the hazard report is open, closed, or has been deleted. A hazard report is closed 
with the assessment of all hazard report related action items and with the completion of all verification methods 
This is the only complete listing of the hazard reports It is important to keep this list updated and to provide the 
appropriate comments for bookkeeping purposes NOTE All changes of hazard reports will be identified by a bar in 
the right hand margin of the hazard report 

NOTES 

NSTS 13830B has form 1090A which is used for flight hazard reports This form only asks for the matrix element 
reference number, the hazard report number, and the hazard title The payload (experiment) , phase, and date are 
the same The page numbering was unnecessary smce the pages will be numbered with respect to the complete 
package as described in the table of contents The title of this table has been changed from “NSTS Payload Safety 
Requirements Applicability Descriptive Data” There are also comments m the text about the status of hazard 
reports 

The GSFC Safety Handbook has a “GAS Hazard List” which provides the hazard group, hazard title, and applicable 
safety requirement The hazard group is not mcluded because we have taken this out of the hazard report The 
applicable safety requirements are covered m the hazard reports 

JA-012D provides an “Experiment Safety Package Cover Sheet” which is actually a hazard report list/status page 
This page mcludes the experiment, payload, phase, date, and page numbers. The payload is not necessary for this 
listing The page numbers will follow the page numbers of the complete package as described m the table of 
contents The rest of the information is also provided on the new form The column titles are number, hazard title, 
remarks, disposition, and general comments. The remarks and general comments are combined mto 
alterations/comments. The disposition is the same as the status There are also comments about hazard report status 
m the text of this document Assessmg die changes of the hazard reports for impact to safety is covered m the 
revision page and does not need to be repeated here. 
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Hazard Report List/Status 

Experiment: Phase: Date: 

Hazard 

Report No. Hazard Title Alterations/Comments Status 











Hazard Reports 


This section contains the hazard reports which identify potential hazards of the GSE/TOPs, causes of the 
potential hazards, methods for controlling the hazards, and verifications of die control measures This information 
will be provided on die JSC Form 542B for hazard reports which is provided on the following page for reference 
Note For instructions on the proper method of completing a hazard report form refer to NSTS 13830B, Appendix 
A , JA-012D, pages A2-1 to A2-6, or JSC Safety Office , Part II It is important to format the hazard reports 
identically for consistency and ease of reading Each hazard cause should be placed on one page with its 
corresponding controls and verifications Along with the hazard reports will be all of the schematics, figures, 
reports, plans, etc needed to provide a complete safety assessment of the potential hazards described m the hazard 
reports 

The following hazard reports are considered common hazards for particular subsystems Other more 
unique hazards may be present m a subsystem and should be properly assessed for safety m the manner displayed in 
this package. It is important to realize that the hazard reports provided are not to be used as they exist in this 
package. They are to be used as a template only, and should be used to develop and document experiment- 
specific information. 

NOTES 

The hazard report templates have not been inserted. LeRC Safety Assurance Office is currently working on 
developing these hazard reports. 

The mam changes to the hazard report form include the exclusion of the hazard group and the alteration of the 
signatures The hazard group was excluded to avoid confusion, smce it was not adding needed information The 
signatures were altered to mclude only the necessary signatures for the approval of the hazard report 
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EXPERIMENT 6R0UND HAZARD REPORT 


EXPERIMENT 


SUBSYSTEM 


HAZARD TITLE 


APPLICABLE SAFETY REQUIREMENTS 



PANEL CHAIRMAN 
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EXPERIMENT GROUND HAZARD REPORT CONTINUATION SHEET 


NO 



Based on JSC Forni 542B (rev Nov 82) 
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Noncompliance Reports, Waivers, Deviations 

The noncompliance report list provides information on all noncompliance reports which have been 
submitted to the GSRP. A noncomphance report is necessary only when a safety requirement cannot be met. 
Noncomphance reports for KSC GSE are not needed in the GSCDP The noncomphance is documented on JSC 
Form 542C which is provided on the following page for reference Justification must be given m the 
noncomphance report to conclude that an alternate method of design, procedures, configuration, etc has a 
comparable or higher degree of safety If the noncomphance report is approved, the GSRP will issue a waiver 
(approved for one mission only) or a deviation (approved for multiple missions). All noncomphance reports must 
be closed before the Phase III safety review A hst of all submitted noncomphance reports and then status will be 
provided for easy reference This list will state the noncomphance item with information about its acceptance or 
rejection. The hst will track all noncomphance reports whether or not they have become waivers and deviations 
An example of the noncomphance report list is shown on a following page Also mclude m this section the actual 
noncomphance reports, waivers, and deviations NOTE Detailed information on noncomphance reports, waivers, 
and deviations can be found in NSTS 13830B sections 60, 6 1, and 6 2 For reflown or series flights, waivered 
conditions must be corrected and deviations must be revalidated after each flight 

NOTES 

This table was suggested by NSTS 13830B 

NSTS 13830B goes mto much more detail on the process of completing and sending an NCR This paragraph is to 
inform the preparer that a list and the reports are needed; it is not for the complete explanation of what a NCR is and 
how to fill it out and use it 

JSC Payload Safety Class refers to this section as Non-comphant Items. It suggests including a copy of the 
approving correspondence This is unnecessary if the NCR are all signed 
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No. 

Title (bnef reference to noncomphance) 

Payload Identification (Include reference to applicable payload element, subsystem, and/or component) 

Applicable Requirement 

Description of Noncompliance (Specify how the design or operation does not meet the safety requirement) 

Hazard or Hazard Cause (Include reference to Hazard Report) 

Reason Requirement Cannot be Fulfilled 

Rationale for Acceptance (Define the design feature or procedure used to conclude that the noncomphance condition is safe 
Attach applicable support data, 1 e drawings, test reports, analysis, etc ) 



WAIVER APPROVAL DEVIATION APPROVAL 

Effectivity Effectivity 

STS Operator Date STS Operator Date 

JSC Form 542C (Rev Mar 83) 


Date: 


Payload Safety Noncompliance Report 
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Safety Related Failures/Accidents 

This section describes the safety related failures and accidents which involve GSE or other ground 
operations of safety-critical subsystems as well as those which have occurred during experiment processing, testing, 
and checkout The description should include a summary of each failure/accident along with a safety assessment 
which identifies all impacts to the STS This section will not appear m a SCDP until the experiment has begun 
ground operation processing, testing, and checkout which does not occur at KSC until after Phase in However, the 
GSE may have been used during flight hardware checkout at the developer’s site Any failures or accidents 
associated with GSE there may be documented here. 

NOTES 

The mformation about when this section appears m a SCDP was added for clarification. Both NSTS 13830B and 
JA-012D do not discuss this topic until the phase II SCDP 

JA-012D words this section slightly different 
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Safety Verification Tracking Log 

The safety verification tracking log (SVTL) is used to record the status of the open safety verification items 
of the hazard reports. The SVTL is a standardized JSC Form (no 764) and is provided on the following page for 
reference This form should be included in all phases of the GSCDP and should be updated per each phase until all 
verifications are closed The goal is to have all verifications closed by the Phase m safety review, however, closure 
of verifications is required before GSE use at KSC Instructions for completing the form can be found m NSTS 
13830B, Appendix C. The page following the SVTL is provided to help show the relationship between the SVTL 
and a hazard report 

NOTES 

All of the information m the documents about the SVTL is covered m this paragraph or in the table itself 

JA-012D refers to an Open Safety Items List which is a list of all open safety items requiring closure after the flight 
hardware is delivered. The SVTL covers some of the same information along with the hst of AI 
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NSTS PAYLOAD GROUND 
SAFETY VERIFICATION TRACKING LOG 

Experiment/Payload Date - 

Log 

No 

Hazard 

Report 

Number 

Safety 

Verification 

Number 

Description 

(Identify Procedures By 
Number and Title) 

Ground 
Operation(s) 
Constrained 
(Procedure #) 

Independent 

Verification 

Required 

(Yes/No) 

Schedule 

Date 

Completion 

Date 

Method of Closure 
Comments 

















































































































































































































JSC Form 764 (Jul 89) 
















126 

























Certificate of NSTS Payload Safety Compliance 

The Certificate of NSTS Payload Safety Compliance provides a formal approval from the payload 
organization payload manager stating that the GSE and ground operations comply with all of the applicable 
requirements of KHB 1700.7B This certificate is JSC Form 1 1 14A which is provided on the following page for 
reference It is typically prepared for die Phase III SCDP, but is required to be submitted along with the latest 
SVTL 30 days pnor to delivery Any flight verifications still open must be accompanied with a rationale for 
acceptance 

NOTES 

JA-012D has its own certificate which states safety compliance with NSTS 1700 7B (KHB 1700.7 refers to this) and 
that the payload is prepared for integration It also requires an open item’s list which is similar to the SVTL The 
Open Items List is to provide a description of open safety items requiring closure after the flight hardware is 
delivered 

The JSC Payload Safety Class requests a paragraph stating management approval and submission of the SCDP 
constitutes certification of the SCDP completeness, accuracy, and validity Also mcluded is a statement of 
compliance with safety requirements The Certificate accomplishes this 
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Certificate of NSTS Payload Safety Compliance 

For 


(Payload) 

GSE Design and Ground Operations 
The Payload Organization hereby certifies that: 

(1) The payload is safe. 

(2) The payload complies with all applicable requirements of 
KHB 1700.7B, “Space Shuttle Payload Ground Safety 
Handbook.” 

List of approved Waivers/Deviations: 


Approved: (Payload Organization Payload Manager) 


Date: 


JSC Form 1114A (May 89) 
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List of Deliverables 


This section will provide a complete list of all items of the experiment which will be delivered to the 
integration facility This mcludes all equipment which supports the servicing, checkout, and integration of the 
experiment A list of deliverables table is provided on the following page The information required for this table 
includes the part number, the item name, the manufacturer/vendor, the destination, and the disposition. The 
destination box should be completed with “on-line”, “off-line”, or a specific room. On-line refers to shuttle 
interface processmg while off-line implies processmg elsewhere The disposition column should be completed with 
an “X” in the appropriate subsection The ‘ED’ stands for Experiment Developer and m this case, signifies that the 
Experiment Developer will be bringing this item with him/her as backup This item will be returning with the 
Experiment Developer if it is not needed. The other choices of disposition are for items which planned to be stored 
and items which are considered flight hardware This list will verify that all parts have arrived to the integration 
facility 

NOTES: 

This is only found m JA-012D This document suggests that this list confirms the completeness of the safety 
analysis This document also references the Operations and Integration Agreement. 
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Appendix A: Applicable Documents 

This section is a listing of all of the applicable safety related documents used to substantiate safety 
compliance in the SCDP It is important to use the current revisions of each document in the development of the 
SCDP This list should mclude each document’s tide, number, revision number or letter, and date. The following 
list is provided for reference, documents should be added or deleted to this list depending on which were used The 
dates and the revision numbers or letters have not been provided due to the continuous revision of many documents, 
however, the current revisions of die documents should be listed 


Applicable for all Experiments: 

NSTS 13830 Implementation Procedure for STS Payloads System Safety 

Requirements 


NSTS 14046 Payload Verification Requirements for the Space Shuttle Program 

NSTS 18798 Interpretations of NSTS Payload Safety Requirements 


NSTS 2 1 000-IDD-MDK Shuttle/Payload Interface Definition Document for Middeck 

Accommodations 


NSTS 1700 7 

KHB 1700 7 
ICD 2-1-19001 

KSC: 

KHB 1860 1 
KHB 1860 2 
MSFC: 

JA-012 

JA-061 

JA-081 

JA-276 


Safety Policy and Requirements for Payloads Using the Space 
Transportation System 

Space Shuttle Payload Ground Safety Handbook 

Shuttle Orbiter/Cargo Standard Interfaces (Attachment 1 to NSTS 
07700, Volume IV) 


KSC Radiation Protection Handbook 

KSC Non-ionizmg Radiation Protection Program 


Payload Projects Office Payload Safety Implementation Approach 

Payload Mission Manager Interface and Safety Verification 
Requirements for Instruments, Facilities, MPE, and ECE on STS 
Spacelab Payload Missions 

Payload Mission manager Interface and Safety Verification 
Requirements for Instruments, Facilities, MPE, and ECE on STS 
Partial Payload Missions 

Payload Mission Manager Interface and Safety Verification 
Requirements for Instruments, Facilities, MPE, and ECE on STS 
Orbiter Middeck Payload Missions 
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JA-4 1 8 Payload Flight Equipment Requirements for Safety-Cntical 

Structures 

JA-447 Mission Requirements on Facilities/Instruments/Expenments for 

Space Transportation Systems (STS) Attached Payloads 
(MROFIE) 

GSFC: 

— GAS Experimenter’s Guide to the STS Safety Review Process and Data 

Package Preparation 


NOTES 

The title of the document was added to the list because some documents do not have numbers The majority of this 
list is from JA-012D, section 4 0 

JSC Payload Safety Class suggests including this list m the introduction Instead of mcludmg it, it was referenced it 
m die Preface 
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Appendix B: Project Schedules 

This section provides a schedule of all of the major ground safety reviews along with a timeline schedule 
of all activities associated with launch site processing The ground safety review schedule should display the name 
of the ground review and its planned date These dates should be updated if changes are made m the schedule 
NOTE For project schedule guidance ; refer to JSC Payload Safety Class Module II, Section G, provided on the 
following pages The launch site processing timeline should include planned dates for handling, storage, assembly, 
servicing, and checkout operations which are to occur at KSC 

NOTES* 

The JSC Payload Safety Class mcludes this m the mission description 

NSTS 13830B only discusses it m the review meetings, however, it is important to have it for reference 

KHB 1700.7B requests a launch site safety plan This has been added to this section and is referenced in the 
introduction 
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G. Schedule 


Having seen the flow of activities and schedule of the integration process, let’s consider how the safety process fits 
in Design of the payload will usually have progressed to some point before the approval for mission assignment is 
granted. That says that the safety process should be underway even before the payload has a flight assignment The 
two processes first come together with approval of the 1628 From that point they are running in parallel and are 
pegged together at milestones such as design reviews, readiness reviews, delivery to the launch range, processing 
points and launch. 

Figure 11*1 depicts the overall flow and relationships of the payload design, integration, system safety and payload 
safety review processes It should be clear from looking at the chart that the safety effort cannot wait until the 
integration process starts There is too much safety data required to support the PIP and ICD There is also too 
much design work done If the safety process is not started until the design is complete and hardware is being built, 
the cost of correcting hazards goes up tremendously Remember, it is a lot less expensive to change a lme on a 
piece of paper than it is to modify a piece of hardware. 

Figure II-3 looks at the relationships from another perspective The hazard reports form the basis for much of the 
activity that occurs during the integrated cargo development and control process 
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Appendix C: TOPs 

This appendix provides a list of all the TOPs associated with the experiment It can also be used to track 
all of the TOPs through completion An example table is displayed on the following page The hazard report 
number is the number assigned to each hazard report and can be found m the upper right hand comer of the hazard 
report The hazard report control number refers to a particular control on the hazard report for which the TOP is 
written A procedure title and procedure number is assigned for each TOP The sequence affected is a brief 
description of the hazard control which is associated with the TOP The facility in which the procedure will be 
performed and the date m which it will be completed are also mcluded on the table A draft version of this list is 
necessary for the Phase II GSCDP The final list should be presented in the Phase ID GSCDP 


NOTES This table has been added for reference purposes There are no requirements for this table It is from 
KSC 
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Hazard Controls Incorporation In Operational Procedures 

Hazardous Procedure Information Log For 

(Payload Customer) 


HR 

HR 

Procedure Title 

Procedure 

Sequence(s) Affected 

Facility 

Use 
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Control 
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(Hazard Controls) 

Used In 
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